Many times when I have to help someone with their computer or technology problem, I inevitably need to access something of theirs that has a password. In too many of those cases they are using a password as simple as "1234" or "name" + "birthday month/year." While it still may require some time for a random person to guess your password without any other technological services, using these simple and common passwords, especially when so many passwords at companies are being compromised, will put you at risk to not only be hacked by someone who may simply try and guess your password based on "commonly used passwords" but it literally opens the door to professional identity thieves who can now quickly and easily gain access to information they should not have.
What do most IT tech's and IT departments tell their customers? Use random characters, letters, and numbers to generate a secure password. And this is good advice, for those who can remember "Jwo483%(nds." But if that set of characters has no meaning to you, what will happen? You'll just end up writing the password on a sticky note on your screen or desk (something I've seen often as well). Instead, some technology experts are now recommending using a three word password in which the words are not associated with each other.
For example, using a brute force method (where a program cycles through possible passwords), random numbers and letters (let's say 39jmdn) can be solved in about 8-10 months. Not bad right?
But what if you had used a three word password? Using three words that are completely unrelated (let's say: watch tissue pencils) requires nearly 2,000 YEARS to solve via a brute-force method. Much much better. While these words may be unrelated they may be things that you know and see every day. They could be awesome phrase someone made up ("that's what she said"). They could even be a throwback to an old 90's show with a tall, nerdy kid (Family Matters "Did I do that?"). Either way, utilizing a three word (or more) password can help you remember your it and make your password much more secure. For more on creating a more secure password, read about The Usability of Passwords.
What do most IT tech's and IT departments tell their customers? Use random characters, letters, and numbers to generate a secure password. And this is good advice, for those who can remember "Jwo483%(nds." But if that set of characters has no meaning to you, what will happen? You'll just end up writing the password on a sticky note on your screen or desk (something I've seen often as well). Instead, some technology experts are now recommending using a three word password in which the words are not associated with each other.
For example, using a brute force method (where a program cycles through possible passwords), random numbers and letters (let's say 39jmdn) can be solved in about 8-10 months. Not bad right?
But what if you had used a three word password? Using three words that are completely unrelated (let's say: watch tissue pencils) requires nearly 2,000 YEARS to solve via a brute-force method. Much much better. While these words may be unrelated they may be things that you know and see every day. They could be awesome phrase someone made up ("that's what she said"). They could even be a throwback to an old 90's show with a tall, nerdy kid (Family Matters "Did I do that?"). Either way, utilizing a three word (or more) password can help you remember your it and make your password much more secure. For more on creating a more secure password, read about The Usability of Passwords.
No comments:
Post a Comment