How secure is your password?

How to create a safe and easy to remember password

Password protection

It's World Password Day, so it's the perfect time to see how secure your password is.

Remember, just because a password is hard for you to remember, doesn't mean that a computer won't crack it within minutes or hours.

If you take away one thing from this article, it should be this: A long, easy to remember password is better than a short, complex password.

Let's illustrate this with a couple of examples. The first from XKCD shows the complicated password "Trub4dor&3" might appear secure, but it will take 3 days to crack at an estimated rate of 1,000 guesses per second.

Tips for your password

Do

Experiment with creating a strong password here

Make it as long as possible

Use a variety of characters

Use different passwords whenever possible

Sign-up for two-factor authentication 

Don'tUse any factual information e.g. birthdays

Share your password over email or text

Use simple passwords like "12345", "password" or "qwerty"

Meanwhile, a password made up of four random but easily memorable words "correct horse battery staple" would take 550 years to crack at a rate of 1,000 guesses per second. The more characters a password has, the longer it takes to crack.

Sound too good to be true? Let's look at another example, courtesy of Steve Gibson, who hosts the Security Now podcast.

Which is more secure?

PrXyc.N(n4k77#L!eVdAfp9 (23 characters) 

or

D0g.....................(24 characters long)

Look closely, you'll see both include an uppercase letter, lowercase letter, number, and "special" character. So the second is more secure because it is longer.

Gibson doesn't recommend adding dots into all your passwords, but does suggest you come up with unique padding to help increase the length of passwords.

Most websites require you to use capital letters and numbers so this can act as your padding between four or more random but memorable words.

"You could put some padding in front, and/or interspersed through the phrase, and/or add some more to the end. You could put some characters at the beginning, padding in the middle, and more characters at the end. And also mix-up the padding characters by using simple memorable character pictures like "

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

SolarWinds hackers hit Malwarebytes through Microsoft exploit
hacking

SolarWinds hackers hit Malwarebytes through Microsoft exploit

20 Jan 2021
How LogPoint uses MITRE ATT&CK
Whitepaper

How LogPoint uses MITRE ATT&CK

15 Jan 2021
Weekly threat roundup: Microsoft Defender, Adobe, Mimecast
vulnerability

Weekly threat roundup: Microsoft Defender, Adobe, Mimecast

14 Jan 2021
Mimecast admits hackers accessed users’ Microsoft accounts
Security

Mimecast admits hackers accessed users’ Microsoft accounts

13 Jan 2021

Most Popular

IT retailer faces €10.4m GDPR fine for employee surveillance
General Data Protection Regulation (GDPR)

IT retailer faces €10.4m GDPR fine for employee surveillance

18 Jan 2021
Citrix buys Slack competitor Wrike in record $2.25bn deal
collaboration

Citrix buys Slack competitor Wrike in record $2.25bn deal

19 Jan 2021
Should IT departments call time on WhatsApp?
communications

Should IT departments call time on WhatsApp?

15 Jan 2021