Hi everyone, I’m back with another Tech Tip! Today I’ll show you how to make a password that’s both secure and very easy to remember!
Chances are, you’ve probably heard someone at least once tell you that you need to make strong passwords for all your online websites. And with more and more services moving online, such as banks and social media sites, that advice becomes more and more true. The most commonly used passwords are “password” and “123456”, and pretty much everyone uses a single password on multiple sites.
As Steve Gibson of the Gibson Research Corporation said, your password is like a needle in a haystack. The “haystack” is how long your password is actually is, and you need to hide your “needle” well in it. Let me show you an example.
Which password do you think is more secure?
Believe it or not, the second password is. The reason is that it is both longer and that it contains all four types of characters: an uppercase letter (D) , a lowercase letter (g) , a symbol (periods), and a number (0).
“Making the password longer slows down their ability to figure out what the password is, and length matters more than complexity.”
-Steve Gibson, computer security expert
Why is this? Well, after hackers exhaust a list of commonly used passwords and dictionary words, they resort to a method called a “brute force attack”, which means that they use a computer to try every possible letter, number, and symbol combination until they find your password. Scary, isn’t it?
Now, you might find yourself asking, “wouldn’t hackers have a word like “D0g” in their dictionary?” They very well might. But the thing is, computers aren’t smart. They can’t make the connection that D0g and D0g… are just 3 keyboard taps apart. In fact, they can’t even know that D0g is part of your password unless they guess your entire password.
Let me explain. Websites do not accept passwords unless they are completely correct. That means that if you typed one incorrect character, it will reject your password. And it does not tell you, “You guessed every character correctly except for this one” — it only gives you two responses: true or false.
This is why, as long as you have those four types of characters (uppercase and lowercase letters, numbers, symbols), all you have to do is increase the length of your password and it will get stronger and harder to crack.
And this is the solution. You don’t have to remember long strings of jargon that you have to enter every time you visit a website; you could just take an easy-to-remember word and “pad” it. Padding is adding extra characters to words, making those passwords much harder to crack.
Here are some examples of padding:
- Instead of using “twitter123”, use “Twitter123–“.
- Instead of using “password”, use “Password1…”.
- Instead of using “hello”, use “Hell0!!!!!!!!”
For more information, be sure to check out the Gibson Research Corporation’s “Haystack Calculator“, which lets you find out how secure your password is, as well as explains this concept in more detail.
I hope this helped you make both stronger and easier to read passwords for your websites!