Creating Strong, Secure Passwords

Creating a stable password can be a daunting task. Having a password too simple is just opening the avenue to hackers, and having one you cannot remember is just useless. So how do you create a safe, secure password? Today we will go over what makes a secure password, and how to spot a weak password.

How To Spot A Weak Password

What is the weakest password; using "password" as your password? Just remember, programs using electronic type databases can perform a dictionary inquiry on your system, and in a matter of minutes, identify your password quickly.

One of the most common passwords used is your last name and your birth year, like Smith1998, Smith@1998, or Smith#1998. People that know your last name and your year of birth can quickly figure out your password, just by knowing your last name and your year of birth, or easily can gain access to this information. If you stop and think about how many people know or have access to your last name and birth year, the total number of people is staggering!

Using short passwords can be quickly figured out, even if you use a combination of upper and lower case letters. Don't make the hacker job easy. Also if you add numbers to short passwords, you just letting the hacker's code software work too easy to obtain your password.

Tips to Creating A Strong Password

  • Include Uppercase Letters (A-Z)

  • Include Lowercase Letters (a-z)

  • Include Numbers (0-9)

  • Include Special Characters like the following ~ ` ! @ # $ % ^ * ( ) _ - + = [ { ] } ; : / ?

  • There are ways you can reduce your risk for being hacked. Using a longer and more sophisticated password can help keep your data secure and beat programs from being able to gain access to your device or account. You should always use as many characters as possible. I default to at least 20 characters!

  • Use a phase using shortcut codes or acronyms, like quotes or music lyrics mixed with numbers, such that only you would know the pattern. For example, HtCa_PzPt09:) This represents favorite song you heard at a fun party "Hotel California at a pizza party in 2009". Or IGO2FacebookD( I go to Facebook daily) as examples. Also, use passwords with simple references, and customized to your the specific site such as:

    • Pwrd4Acct-Fb, Password for a Facebook account

    • Pwrd4Acct-$, Password for account at the bank

  • Use the names of gas stations or mattress stores (whatever suits your fancy) in a particular area. An example would be eXmShcHV_DwnTn**. This expresses "ExxonMobil Shell Chevron Downtown with stars".

You get the idea. By using what the account is for and using innovative shortcut codes and unique but identifiable acronyms, the hacker's code-breaking software will have to work overtime to decipher your password. 

Once a strong password is in place, the next thing to do is to change it frequently. Again, how frequent is the question here. The typical time is every three to six months. Yes, it's hard to remember new secure password every time, but if you need a truly secure environment, changing the secure password every three months is a must. Overtime, you will get used to this routine while your system becomes hacker-proof.

Timothy Green who works for a food processing company as a finance analyst has been using the same password to gain access to his office computer for 15 years. That word is "abc123". There are many like him who are risking their personal and official information with "easy to guess" words. The most common ones being "abcdef","qwerty", "12345" and their name backwards.

At first this might seem a fantastic idea, because it is easy to remember and type the above combination of words. After all, who wants to type a password that has an alphanumeric, upper and lower case with special symbol and more than 10 character long? Besides, entering password for every file, account, and systems is as boring as brushing teeth three times a day. Unfortunately, weak passwords pose higher risk. Your personal and confidential information are at stake. Hackers can easily get into your computer system and wreak havoc in a second. 

Over the past several years, it has become evident that passwords can be the strong and weak point of security. While strong passwords (strong password examples such as WordAuth!2 and Home@Alone3!2) can safeguard the system to its eternity, weak ones can compromise the entire network system. People who do not use a password generator for their accounts or files prefer to use something that they can remember easily. It could be, in most instances, their name, birth date, or anniversary date, so to speak. Though these can be used in a clever way to create a strong password, many fail to do so. A person's name with the birth year at the end, for instance, is easy to crack for a hacker. A word combination with street address is equally bad. Just look at how easy to interpret secure words by downloading various tools that serve this purpose. Some of them are available for free on the internet. Other more sophisticated tools can be bought for a small upfront cost. These tools look through your system registry and crack the word within a few minutes. If so, then imagine what a sophisticated tool can do?

The question is, how does a strong program hold its own against such tools? The answer is, it takes a long time to crack or the tool may not be able to crack it at all. Many strong password examples are on the internet and they are not hard to recall. Remember that sometimes, it is the system's security features that are to be blamed. Some operating system may make itself more vulnerable due to glitch or failure to update. The secure password cracking tools will quickly identify these glitches and attack the computer without anyone noticing. At first, they crack through a list of words - literally thousands of words attempting to use against an account. Again, some operating systems are more susceptible to the list because they don't lock out the account after a certain number of attempts. The tool just tries various combination of words, sending words after words to enter the system. Then there are algorithms that generate words to hack the system until the correct match is found. This mode can be time-consuming but there are tools that do quick run of these words and act across multiple computers, even multiple networks.

If an experienced hacker is performing these attacks on a static computer, there is no doubt that eventually he or she will gain access to it. That is not all, there won't be a monitor for the number of failed log ins as well. This means, having a strong password generator will minimize the chances of such attacks. Bigger and more complex the word is, the better. Minimum characters in the strong password also comes into equation here. Ten characters instead of four or five is a lot better, because it takes a lot of additional attempts, even a different tool to hack, thereby reducing the likelihood of being hacked. 

A secure password is only the first step to properly securing your accounts. You need to also rely on multi-factor authentication to ensure only you can access your accounts.