What Makes a Good Password?

In the online world, everything is protected by a password. Email, Amazon login, your online bank account, and the list goes on. Your password is how you keep your accounts safe and your personal information out of the hands of less savory individuals.

And yet, people often use passwords that are easy to guess and can be easily hacked. Here are a few things you can do to make your password more secure.

1. Longer is better

The longer your password, the harder it is to guess using brute force hacking. This type of hacking is where a computer just starts guessing your password by going through every possible combination. A password that is 6 letters long, using only a-z, 0-9 has roughly 2.18 billion possibilities. This may sound like a lot, but a machine guessing at 1000 guesses per second would take about 3.8 weeks to go through that list. Increasing your password length from 6 to 10 increases the number of possibilities to about 3.76 quadrillion. Now you’re talking about needing a super computer to crack your password anytime this century.

2. Use more than just letters and number

The more types of characters you use, the harder it becomes to guess your password. Just using lower case letters and numbers there are 36 possible characters your password can contain. Add in a capital letter, and you just increased this to 62 characters. Now add in some special symbols (such as #,@,!) and you now have a potential of 95 characters that your password could contain. The same 6 letter password above, if we were to use uppercase letters and symbols, would have around 7.6 trillion possibilities. Comparing that to our 2.18 billion from before, that’s a significant increase, and all we did was add a few character types.

3. Don’t use your birthday in your password

Your birthday may be easy to remember, but it’s also one of the first things people will try when guessing your password. Along with your birthday you should avoid using:

• Your name
• Spouse’s name
• Kids’ names
• Relatives’ name
• Pet’s name
• Birthdays (yours, kids, relatives)
• Last 4 digits of your SSN
• Phone numbers
• Numbers associated with you (employee number, graduation year, street address)

Any of these sounds familiar? That’s because they are commonly used and hackers know this. They will be some of the first things hackers will try when getting your password.

4. Avoid using common words and phrases

It’s easier to use to remember a password that uses a word or phrase that you know, but that also makes it easier to guess. Using a password like At!lus5 may be easier to remember, and seem safe as your using numbers, upper and lower case characters, as well as special symbols, but it’s also a single word that has just been altered slightly.

Since it is easier to remember a password that is a word, most people use this. And hackers know this. They can eliminate possibilities of passwords that aren’t words, thus making it easier to guess. There are even tables, called rainbow tables, that have the most common passwords used. By using these methods hackers can guess your password more quickly.

5. Tips for better passwords

There is no perfect way of making a password. But there are some general guidelines you can follow for making your passwords more secure:

• Make it 10 characters or longer
• Use numbers, upper and lower case characters, as well as special symbols.
• Use a random sequence of characters rather than words
• Use different passwords for different sites

We at Atilus have hundreds of passwords to maintain and trying to remember them all is impossible. We use a service called LastPass to help us remember all our passwords. There are many password managers available out there and I encourage anyone to use one.