Is Your Password as Secure as You Think it is?

Is Your Password as Secure as You Think it is?

Heather Parry

By Heather Parry

28 July 2014

You’ve seen it a dozen times before: you attempt to create a password, but the site requires it to be complicated. More than 8 characters, a capital letter, a number, and a special symbol. How on earth are you supposed to remember all of that?

There’s a reason behind these measures. The majority of people use passwords that can easily be guessed, and that, unfortunately, goes hand in hand with being easily remembered. In addition, people subconsciously use patterns that are significant to them, like birthdays, social security numbers, names, etc. Let’s go through some quick and simple tips to help you create a secure password, and keep your privacy private.

Brute Force Attacks

A brute force attack is a hacking attempt through the use of a computer program that tests every letter in the alphabet in sequence, as well as numbers, repeating this process over and over until it guesses the right password. For this reason, the majority of passwords commonly used today are very weak and ineffective. This is exactly why websites require passwords with so many combinations, to not only make it harder for humans to guess but also to guard you against hacking attempts. Creating a secure password will give you peace of mind and access to a better online freedom.

How to Create a Secure Password

Countless tests have shown that a single, 8-digit, lowercase only password can be broken in less than 10 minutes through a brute force attack. Even adding in characters like [email protected] or an uppercase letter extends the time to a few more hours. The true way to make a password much more difficult to crack is to lengthen it.

However, there is some merit to adding in special characters – provided you use characters beyond the most common, which are “!” [email protected] and “#.” For example, the password “password” would be broken almost instantly. However, changing it to “mypassword” increases the length of time to around 9 hours. “mystrongpassword,” on the other hand, changes the required length of time to crack it to _345 thousand years._That’s without any numbers or special characters, and the main reason is because of length. However, this is still not a secure password, as a dictionary attack – an attack using combinations of words from the dictionary – would break it relatively quickly.

Adding special characters, numbers will improve it even more. “my$trongp4ssword” would take over _16 billion years _for a standard computer to guess. It doesn’t get much more secure than that. (don’t use that example as your password, pick your own phrase!)

Additional Steps

Hacking programs are becoming more and more sophisticated. Although steps are being taken, such as software that prevents a user from guessing a password more than once every three seconds, you are still the first line of defense against information theft. If the password system allows it, use two words separated by a space. This makes it almost impossible for standard hacking programs to guess. As an example “my $trong p4ssword” would take a normal computer 63 quintillion years to break. For scale, that’s more than 1,050,000,000 times longer than the universe has existed. (again, don’t use that example as your password, pick your own phrase!)

It might take a bit of extra effort, but it’s easier to remember a complex password then it is to deal with the headache of a hacked account.

About Us

SurfEasy is a VPN tool that protects your online privacy and unblocks the internet. Use it on your Mac, PC, iPhone, iPad or Android.

Learn More