How to pick a good password…

Its amazing how important online passwords are however people continue to use options like “justme” or even “password.” Some people think passwords to their email box are not that important because they don’t save financial items or important items there. What about when their bank password is reset and it is mailed to that email account with a weak password. Does it become important then?

Here are some tips for selecting a good password. There are also some links at the bottom of this article to provide further assistance.

A longer password is a better password. Regardless if the password is just a bunch of letters or numbers in a row, causing a hacker to break a 10 character password is going to take more time then it would to break a 4 character password. Here is a chart with some averages. Make sure to pay attention to the difference between each step.

# of Characters in Password Average time to crack the Password
3 .02 seconds
4 .046 seconds
5 11.9 seconds
6 5.15 minutes
7 2.23 hours
8 2.42 days
9 2.07 months
10 4.48 years
11 1.16 centuries
12 3.03 millennia
13 78.7 millennia
14 2,046 millennia

Passwords are safer if you use a variety of uppercase, lowercase, numbers and special characters. This follows up on the previous tip. If there are more characters needed to try in the password it is going to take longer to crack it.

Don’t use items easy to guess. Your dog’s name. Your college mascot. Your kids name. These are not good passwords. Don’t use anniversaries, birthdays or social security numbers either.

A password is not forever. It sucks being required to change your password every 30, 60, or 90 days but it also makes it harder to break into. Change your password 2-4 times a year. Change your password on the first day of each month.

Use a different password for everything. If you use the same password for everything and one password is compromised…then they are all compromised.

I found a great article written from a reverse engineering point of view. The article is called “How I’d Hack Your Weak Passwords.” Sadly this was originally written in 2007 but most of the techniques still work. Read through the article and see if you would fall victim to any of the techniques.

Think you have a good password? Find out how good at the password strength checker.

Here is an article posted on one of our favorites, Lifehacker.com - Pick a good password.

Here is another option for keeping your passwords in your wallet.

Leave a Reply


eight × 5 =