WyzGuys Computer Tutors

 Computer Instruction. Web Design Instruction,  and Web Hosting 

 

Password Strength

 

Site Navigation

Security Home
Registration
Security Resources
The Security Problem
Security Issues
The Control Panel
Computer Security
Network Security
System Restore
Repair Your System
911 Online
E-Mail Security
Spam
Phishing
Phishing Examples
Phishing Web Sites
419 Fraud
Parental Controls
Appendix
Conclusions
Course Evaluation

More Info

Glossary
Internet
E-Mail Attachments
Passwords
Firewalls
NAT
Ports
Broadband
WiFi Networks

Building a Bullet Proof Password

The table below shows the impact of using longer and more complex passwords.  Using a single letter for a password would require just 26 attempts to correctly guess the password.  Moving to a ten digit password using upper and lower case letters, numbers, plus the eight available symbols produces a password that would produce 2.8 quintillion possible combinations - virtually unbreakable. 

A good password is:

  • 6-9 characters, longer is better, using upper and lower case letters, numbers, and symbols

  • Uses character substitution (@ for a, 1 for l, 3 for e, 8 for ate, 4 for for, i.e. p@$$W0rd for password)

  • Uses alternative misspellings for common words (betz for bets)

  • Avoids dictionary words, family names, birthdates or anniversaries

  • Avoids capitalizing the first letter  (Secretpassword)

  • Avoids placing the number at the end (Mypassword1)

  • Avoids obvious passwords (same as the user ID, password, opensesame, letmein, or p@$$W0rd)

Additional Considerations

Most Internet users choose easy-to-guess passwords such as their pet's name, according to a survey by Visa Europe. More than three-fourths of those polled said they choose passwords relating to friends, family and memorable dates. The favorites are:

  • nicknames (21%)

  • birthdays and anniversaries (15%)

  • pet names (15%)

  • family members' names (14%)

  • memorable dates such as the Battle of Hastings and England's World Cup victory (7%).

  • using "password" as their password (2%)

"It is not surprising that loved ones and pet names top the most popular list as often people struggle to remember random characters or designated log-in codes and opt to choose their own. Of course, it is important that our passwords are personal and meaningful to us, but also that they are difficult to decipher and not easily guessed," says Visa Europe VP Hugo Bottelier. When choosing a password, Visa suggests avoiding words that appear in the dictionary, as well as words relating to personal information that could be inferred or guessed. The most preferable type of password would have random letters, numbers and punctuation. And for heaven's sake, don't write it down and leave it by your credit card or PC! (from Silicon.com 11 Aug 2004)

Another recent article from Tech Republic suggests:

Desktop and network security are becoming increasingly more important to keeping hackers and other unauthorized users out of your computers and your network. One step you can take to help prevent intrusions is to strengthen your password... Long passwords that are difficult to guess and which contain a mix of special characters, numbers, and cases can be almost impossible to guess or crack.

First, don't use passwords that contain words, and particularly don't use passwords that contain only words. These passwords are easy to crack by brute-force cracking programs, or dictionary attacks. Second, mix special characters such as these-- _ - ! @ # $ % & * --in your passwords along with letters and numbers. Doing so can make the password very difficult to guess. It can also make it difficult to remember, so consider using a password phrase or mnemonic for your password. For example, iLpi!Wm# could be 'I like pie with milk.'

 

   Close Window  

 

Curriculum developed by WyzGuys Computer Tutors

All Rights Reserved - updated 12/07/2006

Hosted by WyzHost.com

contact support@wyzhost.com