The crux with the passwords
Creating a secure password could be a lot easier, but many websites do not meet the requirements. We show you why!
Passwords are the basis of security for most of the Internet, for apps and for many services. The quality of a password determines the security of access, in addition to the security that the provider builds into its systems. In today's article we want to limit ourselves to the creation and management of passwords.
Actual situation
The general rules for creating secure passwords look the same today on almost all websites:
- Use of upper and lower case
- At least one special character
- At least one number
- Minimum length of 8 characters
Furthermore, passwords should be changed every 3 to 6 months to increase system security in case passwords are stolen or compromised.
Comparison
This method has its advantages, but also disadvantages for the application and the whole system. At this point we would like to briefly illuminate and analyze some disadvantages:
- Passwords are forgotten more quickly because they change so often, or the account gets locked because you lose track of the many passwords and no longer know which one is current.
- The password length is often limited and does not provide the full capacity for security. For example, some websites only offer password lengths of 12 to 16 characters. This way, many desired passwords cannot be assigned.
- So that users can remember their passwords, they usually pick relatively simple ones, which in turn reduces the security of the password and the system.
Administration
As we mentioned in an older article, you should manage your passwords with a tool that keeps them secure by encrypting your data in its own container, so that you only have to remember a single master password.
Also, before using a password, check that it has not already been stolen in an older hack and is openly available on the Internet. Have I Been Pwned offers a test to ensure the security of the new password so that it cannot be cracked with a simple dictionary attack of stolen passwords.
The password
The creation of a secure password, which is also easily memorable, is not rocket science. Today we want to explain briefly how it works.
Idea
The new password basically consists of 3 to 5 words, which are not altered with numbers or other characters, plus a special character of your choice, which increases the security of the final password even more.
Words
The words to use should be chosen consciously. They should not be among the most commonly used in the language, but rather belong to the rare ones. They should not be too short, but have at least 5 to 7 characters. The words should be case-insensitive.
Special characters
After composing the individual words into a password, a special character should be placed anywhere in the password. This increases the security many times over.
Length
This brings you to a total length of over 20 characters, which is very good for security. Along with the special character, a hacker will need a very long time to crack this with brute force.
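The scheme described above, as an added Python example that is not part of the original article: it builds a passphrase from several words plus one special character and estimates its strength against an attacker who knows the scheme. The word list, the special-character set, the 7776-word list size and the choice to pick the words with a random generator instead of by hand are assumptions of this example.

```python
import math
import secrets

# Constructed sample list for the demo; a real list needs thousands of rare words.
WORDS = ["quagmire", "zeppelin", "obelisk", "marzipan", "tungsten", "kestrel",
         "labyrinth", "pumice", "sextant", "gargoyle", "halyard", "tamarind",
         "bivouac", "cormorant", "ocarina", "wainscot"]
SPECIALS = "!#$%&*+-=?@_"  # assumed set of 12 special characters

def generate_passphrase(words=WORDS, n_words=4, specials=SPECIALS):
    """Pick n_words with a CSPRNG, join them, insert one special character anywhere."""
    if not 3 <= n_words <= 5:
        raise ValueError("the article's scheme uses 3 to 5 words")
    if any(len(w) < 5 for w in words):
        raise ValueError("every word must have at least 5 characters")
    letters = "".join(secrets.choice(words) for _ in range(n_words)).lower()
    pos = secrets.randbelow(len(letters) + 1)  # 0 = front, len(letters) = end
    return letters[:pos] + secrets.choice(specials) + letters[pos:]

def passphrase_bits(list_size, n_words, n_specials, letters_len):
    """Upper bound on entropy when the attacker knows the scheme and the word list."""
    return (n_words * math.log2(list_size)      # which words
            + math.log2(n_specials)             # which special character
            + math.log2(letters_len + 1))       # where it was inserted

def random_chars_bits(length, alphabet_size=94):
    """Entropy of a truly random password over the 94 printable ASCII symbols."""
    return length * math.log2(alphabet_size)

if __name__ == "__main__":
    print(generate_passphrase())
    print(f"8 random characters:     {random_chars_bits(8):.1f} bits")
    print(f"4 words from 16 (demo):  {passphrase_bits(16, 4, 12, 24):.1f} bits")
    print(f"4 words from 7776:       {passphrase_bits(7776, 4, 12, 24):.1f} bits")
    print(f"5 words from 7776:       {passphrase_bits(7776, 5, 12, 30):.1f} bits")
```

The comparison shows that the length alone is not what protects the passphrase: four words from the 16-word demo list stay far below eight random characters, while four words drawn at random from a list of several thousand exceed them.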
Conclusion
A really good password does not have to be that hard. It can be easily created, and it is also easy to remember and to use. The only problem is websites and services that use the methods above to try to enforce only secure passwords and do not really give users a choice of what their password should look like. A limit of 12 to 16 characters alone can prevent you from assigning a secure password.
With today's article, we wanted to show you that there are also methods beyond the randomly generated passwords that generate meaningful and secure passwords on the Internet.
Source:
YouTube - Computerphile