Many articles try to convince readers to use strong and long passwords. However, password reuse, as well as passwords like “123456” or “password,” are still favored by many users. We hope our article will be the last straw to finally convince you of the necessity of strong passwords.
First of all, we hope you are aware that there are databases of weak, commonly used passwords and of passwords that were leaked as a result of hacker attacks. You can check HERE whether your password was exposed in a hacking incident.
If your password hasn’t been leaked to the dark web, that is great news. But don’t think that you are completely safe now... And we’ll explain why.
How long do you think it takes a modern computer to crack your password by trying random combinations of characters? You will find the answer in this table:
| Hacking facilities ↓ / 9-symbol password → | (only) numbers | numbers + lower case letters | numbers + lower case + upper case letters | numbers + lower case + upper case letters + special symbols |
|---|---|---|---|---|
| Gaming PC with special software for brute force | 1 second | 14 hours | 73 days | 10 years |
| Gaming PC | 24 seconds | 28 days | 10 years | 464 years |
| Office PC | 3 minutes | 164 days | 60 years | 2783 years |

According to the brute force calculator.
As you can see, guessing a password that combines numbers, letters in both cases and symbols is a challenging task. Of course, for a really strong password you should choose an even greater length, since the capacities of computers are growing very quickly: a password that can be cracked in 1 year today can be cracked in 1 second in a few years. For example, a 12-character password consisting of numbers, letters in both cases and symbols is currently almost uncrackable (provided it is created according to all the rules), since cracking it would take too much time.
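The arithmetic behind a table like the one above, as an added example that is not taken from the article or from the calculator it cites: the expected exhaustive-search time is half the keyspace divided by the guess rate. The rate of 10^9 guesses per second, the 32-symbol punctuation set and the sample passwords are assumptions made for this illustration.

```python
import string

# Character classes matching the table's columns; the 32 ASCII punctuation
# marks stand in for "special symbols" (assumption: the page does not list them).
CLASSES = [string.digits, string.ascii_lowercase,
           string.ascii_uppercase, string.punctuation]
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def charset_size(password):
    """Size of the alphabet a brute-force search must cover for this password."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))


def avg_crack_seconds(alphabet, length, guesses_per_second):
    """Expected search time: on average half of the keyspace is tried."""
    return alphabet ** length / 2 / guesses_per_second


def humanize(seconds):
    """Render a duration in the largest unit that fits."""
    for unit, size in (("years", SECONDS_PER_YEAR), ("days", 86400),
                       ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:.1f} {unit}"
    return f"{seconds:.1f} seconds"


def min_length(alphabet, guesses_per_second, target_years):
    """Shortest random password whose expected search time meets the target."""
    target = target_years * SECONDS_PER_YEAR
    length = 1
    while avg_crack_seconds(alphabet, length, guesses_per_second) < target:
        length += 1
    return length


if __name__ == "__main__":
    RATE = 1e9  # assumed guesses per second, not a figure from the article
    # Constructed 9-character samples, one per table column.
    for sample in ("483920175", "k7qp2mzx9", "k7Qp2mZx9", "k7Q#2m!x9"):
        secs = avg_crack_seconds(charset_size(sample), len(sample), RATE)
        print(f"{sample}: alphabet {charset_size(sample)}, ~{humanize(secs)}")
    print("length needed for 1000 years:", min_length(94, RATE, 1000))
```

These figures only hold for passwords chosen at random: a password built from dictionary words or personal data falls to a guided search long before the full keyspace is exhausted.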
What does it take to create a strong super-password?
A strong password must meet the following criteria:
- It hasn’t been hacked before (you already know how to check it)
- It should include a variety of characters and should be of sufficient length (we’ve already figured this out too)
- It can’t be easily guessed, knowing some information about you.
What does the last point mean? In no case should a password contain phrases like “password”, “qwerty”, “iloveyou”, “princess” or something similar. Even a password like "BornInNY1986" can be unreliable, as this information can certainly be found on your Facebook page.
No doubt you’ve already heard this, but we’ll repeat it again: reusing the same password across different websites, or reusing it with a slight modification (for example, “1” or “!” added at the end), is a very bad practice. This creates an additional vulnerability for your accounts: if one of your reused passwords is revealed to a hacker, he will first check it and its closest modifications on other websites where you might be registered.
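One way to check a candidate password against the criteria above, as an added example that is not part of the article or of PassSecurium™: the function names, the 12-character threshold (borrowed from the article's 12-character example) and the sample passwords are assumptions. It is meant to run locally, for instance over the entries of your own vault.

```python
import string

# Weak strings quoted in the article; a real check would load a much larger
# list of common and breached passwords.
COMMON = {"123456", "password", "qwerty", "iloveyou", "princess"}
CLASSES = (string.digits, string.ascii_lowercase,
           string.ascii_uppercase, string.punctuation)
STRIP = string.digits + string.punctuation
MIN_LENGTH = 12  # assumption, taken from the article's 12-character example


def core(password):
    """Case-folded password without leading/trailing digits and symbols."""
    return password.strip(STRIP).lower()


def audit(candidate, other_passwords=(), personal_tokens=()):
    """Return the criteria from the article that the candidate fails."""
    findings = []
    lowered = candidate.lower()
    if any(word in lowered for word in COMMON):
        findings.append("contains a commonly used password")
    classes = sum(any(ch in c for ch in candidate) for c in CLASSES)
    if len(candidate) < MIN_LENGTH or classes < len(CLASSES):
        findings.append("too short or too few character classes")
    if any(t.lower() in lowered for t in personal_tokens if t):
        findings.append("contains personal information")
    for old in other_passwords:
        if candidate == old:
            findings.append("reused unchanged")
        elif core(candidate) and core(candidate) == core(old):
            # Catches "1" or "!" appended, case changes and similar tweaks.
            findings.append("slight modification of a password already in use")
    return findings


if __name__ == "__main__":
    # Constructed samples; the tokens are facts an attacker could look up.
    print(audit("BornInNY1986", personal_tokens=["NY", "1986"]))
    print(audit("Tr4v!s-Kettle-92!", other_passwords=["Tr4v!s-Kettle-92"]))
    print(audit("mV7#qLz2!xRp"))
```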
The simplest and most elegant solution for secure storage and generation of unique complex passwords is a password manager: for example, our application PassSecurium™. It has everything you need to secure your passwords:
- Encrypted password vault
- Password generator with selectable length and complexity
- Mobile applications for: Android and iOS
- Web browser access: https://app.pass-securium.ch/login
- Synchronization over all your devices
- PIN code / fingerprint for additional protection
- Offline mode
- Free version
- Browser add-on for form autofill: Chrome, Firefox and Edge (coming soon)
You can create a free account directly in the application or register it on our website. You may also choose a paid subscription if you decide that you need more functions, which you will find HERE.
And for the true fans of long reads, we offer a couple more tips for password security.
If you want to be truly confident in the security of your accounts, enable two-factor authentication for them. Even if the hacker steals your password, the second authentication step will stop him on the way to getting your personal data. Do not neglect this simple advice! Your data is much more valuable than a few seconds spent on entering the two-factor authentication code.
And a little bonus on how to manage your complex passwords. You don't use most of the passwords very often, so there's no need to remember them - in this case you can rely on the password manager. But surely for some of the frequently used accounts you need complex passwords that you personally would prefer to remember (just in case). An interesting method for creating a complex password can be used for this:
- Take a sequence of words that is meaningful to you (for example, the top 3 of your favorite AC/DC songs: T.N.T, Thunderstruck and Hells Bells)
- Add a significant number (for example, your car number: 1217)
- Mix this in a way that is understandable and memorable for you, and don’t forget to add some symbols: TNT)12(Thu)17(Hel - a long, strong and memorable password is ready! But use this password for one account only.
Now you can protect your personal data like real pros!