{"id":129267,"date":"2024-05-24T16:40:00","date_gmt":"2024-05-24T20:40:00","guid":{"rendered":"https:\/\/rbach.net\/?p=129267"},"modified":"2024-06-26T15:00:48","modified_gmt":"2024-06-26T19:00:48","slug":"creating-strong-passwords-is-good-for-you","status":"publish","type":"post","link":"https:\/\/rbach.net\/index.php\/creating-strong-passwords-is-good-for-you\/","title":{"rendered":"Creating Strong Passwords is Good For You"},"content":{"rendered":"

\"Creating<\/a>You can buy a small padlock for less than a dollar\u2014but you shouldn\u2019t count on it to protect anything of value. A thief could pick a cheap lock<\/strong> without much effort, or break it. Yet, many people use weak passwords<\/strong>. They use them to \u201clock up\u201d their most valuable assets, such as money and secrets. Fortunately, everyone can learn how to make and manage stronger passwords. It\u2019s an easy way to strengthen security both at work and at home.<\/p>\n

What makes passwords \u2018Strong\u2019?<\/h3>\n

\"What<\/a>We all hate the dreaded “you must change your password” email from IT. It must be at least 12 characters long. It must include numbers, symbols, and upper- and lowercase letters. You think of a word you can remember, capitalize the first letter, add a digit, and end with an exclamation point. The result: Strawberry1!<\/p>\n

Unfortunately, hackers have advanced tools. They can easily defeat passwords based on dictionary words<\/strong>. These are words like \u201cstrawberry\u201d and common patterns. An example is capitalizing the first letter.<\/p>\n

Increasing the complexity, randomness, and length of a password makes it stronger. These changes make it more resistant to hackers\u2019 tools<\/strong>. You can see in the table below from MyITRisk.com<\/a>. An attacker could guess an eight-character password in 8 seconds. But, a 12-character password would take four years to guess.<\/p>\n\n\n\n\n\t\n\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t
Password space characters<\/strong><\/th>Length required characters<\/strong><\/th>Defeted in.<\/strong><\/th>\n<\/tr>\n<\/thead>\n
26 (a-z)<\/td>8<\/td>.0077 Seconds<\/td>\n<\/tr>\n
52 (a-z, A-Z)<\/td>8<\/td>2 Seconds<\/td>\n<\/tr>\n
62 (a-z, A-Z, 0-9)<\/td>8<\/td>8 Seconds<\/td>\n<\/tr>\n
26 (a-z)<\/td>12<\/td>59 Minutes<\/td>\n<\/tr>\n
52 (a-z, A-Z)<\/td>12<\/td>168 Days<\/td>\n<\/tr>\n
62 (a-z, A-Z, 0-9)<\/td>12<\/td>4 Years<\/td>\n<\/tr>\n
26 (a-z)<\/td>16<\/td>51 Years<\/td>\n<\/tr>\n
52 (a-z, A-Z)<\/td>16<\/td>91 Years<\/td>\n<\/tr>\n
62 (a-z, A-Z, 0-9)<\/td>16<\/td>55,988.220 Years<\/td>\n<\/tr>\n
MyITRisk.com<\/td><\/td><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n\n

 <\/p>\n

It is also important to pay attention to password complexity<\/strong>. Also you should also pay attention to password unpredictability. You want to avoid common substitutions (e.g., ‘a’ to ‘@’, ‘s’ to ‘$’).<\/p>\n

Why Uniqueness Matters<\/h3>\n

\"Why<\/a>People reuse passwords for many accounts<\/strong>. This risky behavior opens the door for attackers<\/strong>. Even a single password, even a strong one, can lead to access to valuable accounts. Password reuse can lead to a domino effect of account breaches.<\/p>\n