When a registration form asks you to create a password, the first thing that comes to mind for many users is, "Okay, I need to create a password that's really easy to remember and is directly connected to me so that I never forget it." With such a mindset, the password created is something like "ILoveSally143". A hacker will take less than a minute to crack such a password and take full control of your account.
Lately, companies and websites have been working hard to educate users about strong passwords, and they also use restrictions to force users to create stronger ones. Luckily, with so much news about hacked accounts and the focus on password strength, almost everyone knows to use a strong password. However, the question remains: what is a "strong" password? In this article, we'll tell you what a strong password is and how to create one.
Before telling you how to create a strong password, it is important to know how a password is cracked. There are several ways to crack a password, and the most common are the brute force attack and the dictionary attack. Both are explained below.
In a brute force attack, the hacker (hacker software, to be precise) tries every combination of letters, numbers, and characters to crack a password. The process starts at a short length, such as four or five characters; once every combination at that length has been tried, the software adds another character, tries all the combinations of the new length, and repeats. In theory, this allows a brute force attack to crack almost any type of password (including encrypted passwords). However, because brute force checks every possible combination, it takes a long time, and each additional character significantly increases the cracking time.
A brute force attack has trouble cracking long passwords; this is where the dictionary attack comes in. In a dictionary attack, the hacking software uses a long list (millions of entries) of word combinations extracted from dictionaries, as well as "common" character combinations, phrases, sequences and anything else of that kind. If a password has any meaning, a dictionary attack can crack it. Adding punctuation marks or numbers to a common word will not help. For example, a dictionary attack should be able to easily crack the password "I$3haTe5%MaTh" because it makes sense. As this method uses combinations of common words and characters, it takes much less time to crack a password than brute force does, even if the password is long.
Solution: The answer to both attacks above is simple: create a long password that doesn't make sense. A password of sixteen or more completely random characters should work fine. But creating and managing such a password is difficult, which we explain below.
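As an added example (not part of the original article), the Python sketch below checks a password against both attacks described above: it estimates the brute-force search space and looks for dictionary words that remain readable once digits and symbols are stripped. The tiny wordlist and the function names are assumptions made for illustration; the 16-character minimum is the one given in the paragraph above.

```python
import math
import secrets
import string

# Constructed sample wordlist; a real check would load a large dictionary.
SAMPLE_WORDS = {"love", "sally", "hate", "math", "vanilla", "cream"}
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

def brute_force_bits(password):
    """log2 of the number of candidates an exhaustive search must cover,
    assuming it draws from every character class the password uses."""
    pool = sum(len(cls) for cls in CLASSES if any(c in cls for c in password))
    return len(password) * math.log2(pool) if pool else 0.0

def dictionary_hits(password, words=SAMPLE_WORDS):
    """Words still readable after digits and symbols are dropped and case
    is folded, which is why padding a word with '$3' or '5%' does not help."""
    letters = "".join(c for c in password.lower() if c.isalpha())
    return sorted(w for w in words if w in letters)

def assess(password, min_length=16):
    hits = dictionary_hits(password)
    return {
        "length": len(password),
        "bits": round(brute_force_bits(password), 1),
        "dictionary_hits": hits,
        # Passes only the article's two rules: long enough, no visible words.
        "ok": len(password) >= min_length and not hits,
    }

def generate(length=16):
    """Random password from the OS CSPRNG, redrawn until it uses all four
    character classes and passes assess()."""
    if length < 4:
        raise ValueError("length must allow one character from each class")
    alphabet = "".join(CLASSES)
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if (all(any(c in cls for c in pw) for cls in CLASSES)
                and assess(pw, min_length=length)["ok"]):
            return pw

if __name__ == "__main__":
    for sample in ("ILoveSally143", "I$3haTe5%MaTh", generate()):
        print(sample, assess(sample))
```

Both passwords quoted in the article score well on the brute-force estimate alone; they fail because of the dictionary check, which is the article's point about passwords that "make sense".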
Note: hackers also use phishing attacks to steal your password. A strong password will not help against a phishing attack because the hacker will steal the real password using a fake website page.
For people who don't like giving their credentials to third-party apps, we know of a manual way to create and remember a strong password. You can create a password from a long phrase that relates directly to you but is not known to others. For example, you can create multiple passwords from a sentence such as "I eat vanilla ice cream at 3 a.m., but I don't sleep after!" Below are some examples:
It will be very easy to remember the phrase because it is related to something you do or have done before; all you have to do is remember how you created the password.
If you don't want to go through the process above and don't mind depending on a third-party service to create and store passwords, then things can get much easier (and more productive) for you. There are many tools that will let you generate a strong password, and you can also use a password manager to save those passwords. You'll find some below:
Secure Password Generator: A very simple online password generator that allows you to specify password length and character type to easily create a strong password. It also provides hints that will let you remember the password easily.
LastPass Password Generator: The famous LastPass password manager also has an easy-to-use online password generator and offers handy tools to generate a strong password.
LastPass: I recommend LastPass for its simple interface and security options. It will securely store all your passwords and allow you to sync them across all devices.
Dashlane: This is another good option which is easy to use and offers great security such as two-factor authentication. It also has a digital wallet to save receipts and credit card information.
Important: Never use the same password for multiple accounts; if even one of your accounts is hacked, it could lead to the loss of all your accounts.
There should be no compromise on password strength, as tens of thousands of hackers seek your information and try to access your account. You can say that you are just an ordinary person and no hacker will have time to hack into your account, but hackers don't care who you are. They just try to hack everything they can get their hands on, one way or another. Identity theft and misuse of your account and information are things average users should be concerned about. I also recommend that you enable two-factor authentication if it's available for a website, as it's the best protection against hackers.
How do you create and manage a strong password? Share with us in the comments.