network security

Network Security: Good and Bad Passwords

Network Security: Good and Bad Passwords

Many people, probably most, use weak passwords. This is a bad idea, since nasty people would love to know your password, and they have computers to help them. A strong password will make their job a lot harder.

According to one report, the most popular passwords of 2015, at least among people careless enough to leak them, included "123456," "password," "12345678," and "qwerty." Those are also at the top of any password guesser’s list. An account that uses them won’t stay safe long.

Other bad passwords are any dictionary word, your name, your spouse’s name, your cat’s name, passwords of 5 characters or less, and any password you’ve seen on a public website, a movie, or a TV show. Substituting numbers for letters, e.g., "p455w0rd" instead of "password," makes it harder to remember without offering much benefit.

Passwords from the latest trends in pop culture are common. Avoid passwords like "starwars," "civilwar," and "junglebook."

Any password that you’ve used for one site is a bad one to use for another site, even if it’s otherwise good. You don’t want to give thieves two accounts for the price of one.

A good password isn’t so short that it’s easy to try all strings of that length. Every additional character hugely increases the pool of possibilities. If it takes a computer a month to try all 9-letter passwords, it will take 26 times as long — over two years — to try all 10-letter passwords.

How do you make a good password? The most important thing is to make it long. You can still make it easy to remember using a variety of methods.

A password made from three unrelated words, in at least two different languages, plus some digits, is a strong one. Examples would be "24avoirstorybread" or "Schnell2outlet4doorway6." Silly sentences plus a number, like "FishAteTheQuietHallway9," can be both memorable and hard to guess.

Come up with your own formula for generating hard-to-guess passwords, use it consistently, and don’t tell anyone what it is, and you’ll achieve a good level of safety.

Please contact us to learn about the IT and security solutions we offer.