How to Make a Good Password













Creating a Strong Password

Before we begin, you must be clear on one big truth: there is no such thing as a perfect password. A committed hacker can crack any password, given enough time and the right "dictionary" or "brute force" tools. But just like breaking into a car, if the protection is strong enough, the hacker will become discouraged and give up before the protection fails.

How Hackers Crack Passwords

Hackers use one of two major techniques: password recovery (an administrator's technique), and "brute force" repetition. The password recovery tries to fool your computer system into trusting the hacker as a legitimate administrator. Brute force is simply repetitve attempts at your password, up to hundreds of attempts per minute, to crack it.

"Brute Force" Repetition

Hackers often use software tools called "brute force dictionaries"...software that quickly recombines English dictionary words with thousands of varying combinations of spellings. (Yes, much like a Hollywood safecracker movie scene, but slower and less glamorous.)
Brute force dictionaries always start with simple letters "a", "aa", "aaa", and then eventually moves to full words like "dog", "doggie", "doggy". These brute force dictionaries can make up to 50 attempts per minute in some cases. Given several hours or days, these dictionary tools will overcome any password. The secret is to make it take days for your password!

The Password Challenge: "How Can I Make It Tough to Crack, But Easy to Remember?"

Indeed, how does one balance these two contrary objectives? A long password of cryptic characters will be strong, but so frustrating to remember. Yet a short-and-easy password will get cracked within minutes by a good hacker.

Gratefully, there are some helpful tips to create a strong-yet-memorizable password. The idea behind these next five password suggestions is to turn an easy-to-remember phrase into a cryptic word that will discourage hackers.

6 Tips to a Strong Password

1) Make your password long – 6 characters is OK, 10 characters is good, and 15 characters is excellent. 15 is really desirable for high-level security, because 15 is a special number in Microsoft Windows. At 14 characters and less, Windows passwords are scrambled as “hashes” (encrypted into unseen scrambled characters), and stored in hidden Windows system files. It is possible for a gifted hacker to access those stored hashes and unscramble your passwords. However, MS Windows no longer stores hashed passwords at 15 characters and longer. Yes, it is annoying to type 15 characters just to log into your account, but some situations may merit the effort. For example: you are the chief financial officer of a company, or you are the master sergeant for a military unit

2) Start designing the password with a memorable meaningful phrase..then make it complex by adding numbers and special characters. Here is how you do it:

    1. Pick a word or multi-word phrase that is meaningful to you.
    2. Mix one or two letters to be upper case.
    3. Then change one or two letters to be numbers.
    4. Then for the sneaky twist: insert one or two non-alphabetic characters. The beginning or end of the password is easiest for memorization purposes. Examples include: .(period), !,*, %, &, or #.
    5. 3) Change your password every 4 weeks. Many employers serious about protecting their data will require their employees to change their password on a regular basis, once a month at minimum. It is a good practice to do the same on your home computer where you keep private financial information.

      4) Do not store your password on paper or with storage software Please avoid password-keeper programs that claim to make your life easier. It is the opinion of this writer that password products do not offer enough protection for your login information should your computer get hacked. It is better to memorize a password whenever possible. Never keep your passwords on a piece of paper under the keyboard or in your wallet. Do not keep them in your PDA either; if you must store your passwords at all, keep the passwords’ hints instead. For example, as an alternative to storing “Dexter2Gouda” use “puppy’s name, age and favorite snack”.

      5) Use different passwords for your different computer accounts. As annoying as it is to remember them all, please do create a different password for your email, for your online banking, for your eBay and your PayPal. Should one of your passwords ever be compromised, at least the hacker will not be taking over all of your accounts.
    6. Advanced Tips for Designing Strong Passwords:


        • If you frequently login to various websites and keep re-using the same password for all of them, check out Nic Wolff’s clever password generator utility here:http://angel.net/~nic/passwd.html
        • The idea behind Nic Wolff's utility is to have one “master password” to secure all your other passwords, no matter how many of them you have!
        • Although the mathematical encryption is complex, the Master Password itself is easy to use. The whole Wolff Master Password process is explained in a short movie tutorial created by InfoWorld’s Jon Udell here:
          These utilities are free and none of the passwords you generate with these scripts is transmitted or stored anywhere.
          6) use spaces one of the working method found by me is to use spaces at the last of your password. you can set any number of password behind your password it depend upon u.this is going to protect your account from phishing etc
          Good luck with keeping your private information private! We can never completely stop hackers or car thieves, but we can certainly make these scoundrels work for it if they want to hack our accounts.







1 comment: