Over the years the computer landscape has changed. Computers have gotten faster, phones and TVs have gotten smarter, and threats have gotten meaner. One thing hasn’t changed much – how we login or unlock our devices – the password.
Passwords have been used for years, even in Medieval times to access secret passageways or to be allowed to pass unharmed. Now, passwords are how we gain access to our PCs, our phones, even our bank accounts. But this form of security is more and more risky.
As computers become faster and more powerful, brute-force password attacks (trying password guesses in sequence) are easier and faster. While a strong password two years ago might have taken ten years to crack, newer computers can crack the same password in half the time. By tying computers together, you can cut down the time to much less.
One of the ways that companies are securing access is by using two-factor authentication. Two-Factor authentication is where you authenticate using two or more of the three authentications factors – something you know (e.g. a password), something you have (e.g. a token or passkey) or something you are (e.g. a fingerprint or palm print). This method offers far greater security, but not everyone can afford to use two-factor authentication.
You can do you part to ensure that your password is secure enough. Here are some ways that you can have more secure and manageable passwords.
#1 Aim for Length
The longer a password, the longer it would take to crack, and it needn’t be complex. An 8 character password made up of only lower-case letters would be cracked in 6 hours, but make that password 12 characters and now it would take 317 years to crack. As long as the password is not a dictionary word and has some randomness, it can be very secure.
#2 Use numbers and punctuation.
From #1, if you were to take that 8 character password and use random numbers, letters and special characters (punctuation, pound sign, dollar sign, etc.), it would take 20 years to crack using a single PC. Increase the length and it would take even longer.
#3 Use a Pass Phrase
One of the problems with password is remembering them. Using long passwords or passwords using numbers and punctuation increases the difficulty in remembering them. Some systems allow you to use spaces in your password and allow lengths up to 64 characters or more. In that case you can use a Pass Phrase instead of a password, that is, a sentence. So a password such as “Your brother’s keeper” is legitimate, easy to remember, and strong. Check your admin if this is possible.
#4 Write is down
I know what you’re thinking – “What! Is he crazy? That’s a big no no!” But just hear me out. This goes back to remembering passwords as it gets longer and more complex.” Begin by choosing a small password no longer than eight characters; don’t write this one down. Now make your list of random passwords for different sites and services you access. Now that first secret password that you chose would become part of the full password by combining with the password on your list. You can insert this password at the beginning, at the end, or anywhere in the middle of the password on the list, just keep the location consistent. As long as you never disclose your secret password, the passwords on the list are basically useless.
#5 Use a Password Manager
A password manager acts as a master holder of all your passwords. You would secure access to the password manager using a very strong pass phrase or password. Some security experts don’t like this idea, but I think it’s safe once you go with a reputable application. Two well-known and reputable applications are Keepass (open-source) and LastPass (free and paid versions and in the cloud). There is a saying that the only safe password is the one you don’t remember; using the password managers, you can generate passwords that you never see and use it on websites. I use Keepass myself and do recommend it to others.
There you go, 5 ways to better passwords. How do you go about securing and managing your passwords?