Secure Passwords

Image Credit: Pixapopz
www.pixabay.com

I received an email regarding the review of KeePass. I am always glad to see that people enjoy the content we provide. In the email, a tool was mentioned to help generate passwords. I haven't had the opportunity to test this tool yet, but once I do, I will provide my thoughts on it.

Most people know by now the importance of having a secure password, and the risks involved with reusing passwords. The one thing that may confuse some is what makes a good password.

Technology has advanced to the point where brute force attacks are easier and more sophisticated. A brute force attack is when repeated attempts are made on a system until the correct password is entered. Brute force attacks in the past were all done manually. With the speed of modern processors, brute force attacks can be carried out in a fraction of the time.

The complexity of a password is based on:

      the number of characters the password has;
      the random use of uppercase characters;
      the random use of lowercase characters;
      the use of numbers;
      the use of special characters.

Let's look at why something like "password" is not ideal for a password.

      The password has 8 characters.
      The password does not use uppercase characters.
      The password does use lowercase characters, but they are not randomly placed.
      The password does not use numbers.
      The password does not use special characters.

Here is how you would look at "password" mathematically. The word "password" contains 8 characters, and since it only contains lowercase letters, there are 110,075,314,176 (26^8) possibilities. To arrive at this, there are 26 possibilities and 8 positions.

Something like "password123" would have 131,621,703,842,267,136 (36^11) possibilities. To arrive at this, there are 26 letters, 10 numbers, and 11 positions.

Using one more example, "Password123" would have 7,516,865,509,350,965,248 (52^11) possibilities. To arrive at this, there are 26 possible lowercase letters, 26 possible uppercase letters, 10 numbers, and 11 positions. In this example, we increased the complexity of trying to brute force this password by only adding an uppercase character.

In this last example, I will use special characters. There are 32 possible special characters. "Pa$$word123" would have 1,469,170,321,634,239,709,184 (84^11) possibilities. To arrive at this, there are 26 possible lowercase letters, 26 possible uppercase letters, 10 numbers, and 11 positions. In this example, we increased the complexity of trying to brute force this password by only adding special characters.

Now that I have explained what a good password is, please do not use any variation of these examples as a password. These passwords, and variations of them, can be found in just about any rainbow table, which is a table used to crack passwords.
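The sketch below is an added example, not part of the original article. It computes the search space as pool size raised to the password length, where the pool is the sum of every character class the password uses (26 lowercase, 26 uppercase, 10 digits, 32 special characters), and then checks whether the password is just a variation of a known-weak word. The function names, the four-word `KNOWN_WEAK` list and the guess rate of 10 billion per second are assumptions chosen for illustration.

```python
import math
import string

# Character-class sizes used in the article: 26 + 26 + 10 + 32.
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "special": string.punctuation,  # the 32 printable ASCII symbols
}

# Constructed sample of known-weak base words (assumption; real lists are far larger).
KNOWN_WEAK = {"password", "letmein", "qwerty", "welcome"}

# Common substitutions undone before the lookup (illustrative, not exhaustive).
DELEET = str.maketrans({"$": "s", "@": "a", "0": "o", "1": "l", "3": "e", "!": "i"})


def pool_size(password):
    """Sum the sizes of every character class that appears in the password."""
    return sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in password))


def keyspace(password):
    """Candidates an exhaustive search must cover: pool ** length."""
    return pool_size(password) ** len(password)


def is_predictable(password):
    """True if the password is a known-weak word with suffixes or substitutions."""
    core = password.rstrip(string.digits + "!?.*#")
    return core.lower().translate(DELEET) in KNOWN_WEAK


def assess(password, guesses_per_second=1e10):  # guess rate is an assumption
    """Return (bits of search space, seconds to exhaust it, predictable flag)."""
    space = keyspace(password)
    bits = math.log2(space) if space else 0.0
    return bits, space / guesses_per_second, is_predictable(password)


if __name__ == "__main__":
    # Sample inputs: the article's four examples plus one constructed random string.
    for pw in ["password", "password123", "Password123", "Pa$$word123", "kT7#vq9!Lw2x"]:
        bits, secs, weak = assess(pw)
        print(f"{pw:<14} pool={pool_size(pw):<3} bits={bits:5.1f} "
              f"exhaust={secs:9.2e}s predictable={weak}")
```

A password flagged as predictable should be rejected regardless of its computed search space, because a guesser who tries known words and their variations first never has to cover that space.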

 




 


Copyright © 2007 - 2019. All Praise Media LLP. All Rights Reserved.