Posts Tagged ‘gmail’

Making Strong Passwords

You should always try to create strong passwords, especially for services that are important and involve money (eg: Online Banking, Paypal, Amazon, etc.).

To know how to make passwords strong you should also know how hackers can try to find them, which I will briefly explain, along with some tips to make your passwords stronger in this article.

How hackers try to find your password

Hackers can use many different methods to get your password but the two most common are dictionary and brute-force attacks.

Dictionary Attacks

In this type of attack hackers will have a list of words (a “wordlist”) of commonly used passwords and will check if you are using any of those.

These lists usually contain names, places, dates and other common letter combinations (such as letters that appear next to each-other on your keyboard).

Brute Force Attacks

Brute Force attacks try all possible combinations of letters and numbers (and occasionaly symbols). If your password is shorter than 8 characters then it can be cracked relatively easily with a brute force attack, because a hacker with a fast computer can try thousands of passwords every second.

All passwords can be cracked with Brute Force attacks but if the password is too long then it would take several years, making it virtually impossible, for example the US government requeires passwords for secure data to take at least 100 years to crack.

Check the table below to see how long it takes to crack passwords (assuming you aren’t using words in the dictionary) on an average computer. Just remember that if someone who happen to own a supercomputer tries to crack your password these times will be a couple of thousand times smaller.

Password Length All Characters Only Lowercase
3 characters
4 characters
5 characters
6 characters
7 characters
8 characters
9 characters
10 characters
11 characters
12 characters
13 characters
14 characters
0.86 seconds
1.36 minutes
2.15 hours
8.51 days
2.21 years
2.10 centuries
20 millennia
1,899 millennia
180,365 millennia
17,184,705 millennia
1,627,797,068 millennia
154,640,721,434 millennia
0.02 seconds
.046 seconds
11.9 seconds
5.15 minutes
2.23 hours
2.42 days
2.07 months
4.48 years
1.16 centuries
3.03 millennia
78.7 millennia
2,046 millennia

Is my password good?

Make your password at least 8 characters long, if possible even longer. This will make brute force attack take a far longer time, to the point where they may take hundreds of years and discourage hackers.

Avoid using words that can be found in a dictionary. Most words that can be found in dictionaries are also on wordlists, even if you think it’s original and very long like “Antidisestablishmentarianism”.

Include numbers, and both lower and upper case letters in your password. If you can also include symbols, as most brute force attacks will not try passwords with symbols or there would simply be too many possible combinations.

Don’t use common names or patterns on your keyboard, if you find a pattern on the keyboard, such as LKJHGF or POIUYT, chances are someone has found it before you and put it on a wordlist.

Try to make your password random but memorable. The more unpredictable your passwords are the harder it will be for a hacker to find them, but make sure they’re not so random you forget them!

Conclusion

I hope you found this article helpful to make stronger and safer passwords! You can always test the passwords you choose with the Microsoft Password Checker.

Please feel free to leave a message if you can think of any other tips or even just to say thank you :).