Strong Passwords – Crack Passwords
Every day we are bombarded with security advice from so called “experts” who wish to tell us that we must use strong passwords, else our lives will be taken over completely by those who crack passwords. But what is a secure password, how do you make one? The problem with a truly secure password is that it looks like modem noise (if you are old enough to know what that is props to you), for those of you who do not have the fond memories of watching your modem spit out garbage, it looks like this: #$) (*KJDSN;skln) (#*.. or some variation of, basically characters representing the various clicks, whistles, and beeps. So, that is what a truly secure password looks like, the trouble is really, no one can remember them, so what do they do? Yep! They write it down and put it near the computer which makes them easy targets for those who crack passwords. Seems like a waste then huh. Well, I am going to present a method of generating a strong password you can remember. There are a few steps, so bear with me. There are two methods I will present, choose what you prefer… Ready?
Strong Password Generation, a quick simple method.
- Take three words of decent length: consulting, database, December
- Concatenate all three words: consultingdatabasedecember
- Replace “o”s with zeros: c0nsultingdatabasedecember
- OR “l”s with ones: consu1tingdatabasedecember
- OR “e”s with threes: consultingdatabas3d3c3mb3r
- If you choose to go with something aside from a numerical substitution, a lot of people choose $ over S and & for A or G. Choose what works best for you, you should choose a method that works for you. For the example, I have chosen to use both and a random underscore.
_consu1tingdata_bas3d3c3mb3r - While it is not perfect, it is sure safer than “fluffy”!
Strong Password Generation, the obscured method
- This is particularly beneficial for people who feel the urge to write things down, basically, take a long sentence and use a passphrase instead of a password! It is that simple and will keep you safer from those that crack passwords than writing down your dog’s name.
I would also highly recommend that anyone who has mission critical data look into two programs: Truecrypt and Keepassx (or relatives of). Truecrypt encrypts your drives or makes encrypted files which you can mount as a directory. This would really give those that crack passwords a run for their money! The KeepassX program is a password manager with a very nifty built in password generator. It will generate and store passwords for you of any length. Just an aside, the maximum password length for Windows is 28 characters, for Linux using MD5 or better it is 127 characters and for UNIX folk it is 127 characters. If you put a password in that is too long, only the first characters to the cutoff point are accepted. You should never try to exceed the password buffer because some programs have longer buffers than Windows or UNIX allow and when the authentication is sent over the network, it will return a wrong password message.
Well, I hope this introduction to strong passwords has helped! If you need more information, do check out Google.
Whenever I create a password I like to think of it as creating one that I can remember and will make those that crack passwords give up and go to someone else who used “Ilikebrownies” as their password. If you are reading this and you crack passwords I apologize for educating people and making your life harder. NOT!
What is the craziest password you have ever come up with? What methods do you use to create passwords? Share them below!
