Password Security: How Important Is It?


Do you use the Internet on a regular basis? Do you have email accounts, user accounts on online forums, internet banking accounts, instant messaging accounts, file sharing accounts? (the list goes on).

If you are one of these people (let’s face it, that’s everyone these days) you need to be careful about the level of password security you have setup on your online accounts depending on the sensitivity of the information you are wanting to protect.

password The importance of strong passwords to keep prying eyes away from your important bank details or email cannot be stressed enough. If you’re a bit lazy it will come back to bite you I promise, which is why when setting up a new online account of any kind you really need to give password creation some serious thought. The last thing you want is for somebody to come in and hack your email account, or get access to your online banking accounts and steal all your money right?

It’s all well and good to say you need a strong password, most people know this but how can you tell which passwords are stronger than others? I’m here to tell you.

Good Passwords:

A good password should have a mix of letters and numbers, with a combination of special characters also:

  • At least 6 characters. I would recommend 8 characters or more.
  • Should contain both lower and uppercase letters.
  • Should contain at least 1-2 numeric characters (0-9)
  • Should contain at least 1 special character (!@#$%^&*()_?)
  • Should not be based on reversed dictionary words

These are 5 good rules to follow when creating new passwords.

Password Strength:

Passwords get their strength from their length and word obfuscation. Word obfuscation basically means you hide the word with a similar looking word made up of differing characters.

For example, let’s say my password is ‘journey’.

It’s 7 characters which is a good start, but not very strong as it is possible to guess this word from a dictionary. However all is not lost, we can build upon this password by adding word obfuscation:

Original password: journey

New password: J0URney

It still looks like our original password, but it would add an extra layer of complexity to the password making it more secure. That’s not all we can do though, and as I described above you really should do more.

We can further build upon our password by differing the characters used and adding postfixes to the password:

Current password: J0URney

New password: J0urney!89

Passphrases:

There are various meanings in the industry on what a passphrase is, but my interpretation of a passphrase is a password made up of a series of words or phrases creating one big password.

Large passwords (greater than 12 characters) can be quite hard to remember, but its easier for the brain to remember a phrase instead as the words are put into a context that’s easer to remember.

For example:

J0urney!89B@ndR0cks!

This would be a very hard password to guess and to break with brute-force, it has a large number of characters with differing characters (caps, lowercaps, numbers, special chars, etc).

Strong Password Generators:

If you’re still unsure on what password you should use for whichever account you have there are many websites that can help you generate a very secure password:

http://www.goodpassword.com

http://strongpasswordgenerator.com/

I could go on and on all day about the importance of online security and password security, but I’ll save you all…most find this stuff boring but for us Computer Scientists….it’s what we live for!

Advertisements

One thought on “Password Security: How Important Is It?

  1. I enjoyed your post about password security. That’s one of my favorite topics in my blog (in fact, I wrote something today about how programmers store passwords). It’s really frustrating for me when I have a really strong password and someone does something stupid with it like email my password to me, store it in plain text, or have me verify my social security number as authentication.

    I hate when I’m trying to type a password in and I can’t use # or ! or other special characters or I can’t use a password longer than 12 characters. I mean, why limit me on the strength of my own password? Oh well, thanks for the blog post. It’ll get people to use secure passwords, but it’s up to the programmers out there to handle them better.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s