Password is the key to your safety, right said! But, how many of us often think about the possible threats to passwords. Guys, there are many wicked ones out there, who have only sole motto of ruining innocent people. Today, I’ll help you get a strong password for you, thereby making you aware of the cons of ignorance. Of course, this cannot guarantee the safety, but the knowledge here will definitely make you more smart & wiser!
What Not To Use for Passwords?
Many users use in their passwords things from personal life, such as:
DO NOT use this, under any circumstances. These things can be easily guessed, and more easily cracked. Never use obvious things from your life, such as names, birthdays or other dates. Anyone who knows you a bit can easily guess your password. Password crackers have all the names, and can try hundred of number combinations very fast. Never use these things in your password.
Password generators do indeed create strong passwords, but they have other flaws. The passwords that they spit out are hard to remember, and take long to type. They are also vulnerable against the password-generating algorithm, which some password crackers might use in order to reverse the decryption process.
An online example here:
The Longer The Password, the Better
In the old days, the characters in a password of an NT box were limited to 14. Today, Windows 2000 and Windows XP allow up to 127 characters as a password. The longer your password, the longer it will take to crack. One thing that was discovered is that if you make a password in Windows longer than 15 characters, Windows does not store the Layman hash properly. This protects you against brute force attacks of password crackers.
Make Use Of Characters/Symbols
In order to make strong passwords, it’s recommended that you use all types of characters and symbols.
Lower Case – a,b,c,d
Upper Case – A,B,C,D
Symbols – @,#,$,%,^,
Numerals – 1,2,3,4
Alt Characters – Â, €
It is highly recommended to use a combination of these characters, numerals and symbols. If you don’t want to use the Alt Characters, use upper and lower case, numerals and symbols, which will create strong passwords, and make it hard for password crackers to break it. One interesting example could be [email protected], while this might seem unusual to you, this password uses upper/lower case characters, numerals, and symbols. When I put it in a Password Strength Meter, it showed me that it is a very strong password. However, make sure you don’t use your real email address. This kind of type is only an example. It uses all the characters and symbols; it’s easy to remember, hard for password crackers to break, and no one could even think of guessing it.
Passwords in Windows 2000 & XP can use space. It is not recommended to use space at the beginning or at the end of the password. The other downside of it is the sound that the keyboard makes when your press the space bar, and someone can easily tell that you pressed space on your keyboard.
Some people think it’s good to write a word inverse. Such as admin, could come nimda. Password crackers will try to reverse all the words, so it’s not a good idea to write inverse words. It’s still easy to crack a normal word, even if it’s inverse.
Using Different Passwords For Different Accounts
Why don’t all the doors on your street use the same key? Because your neighbors don’t want you in their house. It’s the same with you. If someone breaks or finds out a password, you don’t want them snooping at your other accounts, such as online banking. That’s why it’s recommended that you use different passwords for different accounts. I don’t mean use a different password for every account, but use one for your email and forums, and a different one for banking. But surely, please use a different one for important stuff such as banking, online shopping, or anything that has your credit card number in the account.
If someone is after you, they’ll likely to try to break your email account first. If they find out that, they will try the same password for your other accounts too. In the end, you decide how you want to divide your accounts and passwords, likely due to how paranoid you are.
Writing Down Passwords
If you want to write down passwords, for whatever reason, make sure you keep them locked somewhere, in a safe if possible. Under no circumstances are they to be left on Post It notes, and pieces of papers in your desk. The room/office where your computer is located will be the first place that someone who breaks in will look for a written password.
One reason that you might want to write down the password of the admin is in case he quits, so you can have access to the network. But if you do write it down, make sure it’s locked properly.
Public/Office Physical Security
Another issue is keeping your password safe in a public/office work-space. People that walk by could peek at your keyboard while you’re typing. Also, people who sit besides you could peek over at your keyboard. It happens in an environment where are many persons, and getting your password can be as easy as seeing what the person is typing. That’s why you need to be familiar with your password. If you are, you can type it very fast, and even someone who is looking at your keyboard very close couldn’t tell everything that you typed.
Make sure no one stops behind your back, and if you are sitting close to someone, type the password fast and don’t let them see the keyboard. Some people aren’t even ashamed to look at your keyboard while typing the password.
Convenience Over Security
Many people don’t even put passwords on their home computers. I can understand this, because every time you boot up you have to type the password. If you just let the system boot up without any logging on, it’s easier. But what if someone breaks into your house, and steals it? It’s going to be very easy for that person to get all your personal info. But putting passwords on people who travel with a laptop is a must. Laptop theft, and misplace happens a lot, and the first thing someone does after they get your computer is try to crack the password.
I think that most laptops today come with tracking devices, and if your password is secure, it could take weeks if not months for a password cracker to break it. This could mean that your laptop could be recovered before they broke your password.
Eventually, any password can be cracked. But the amount of time it takes to crack a password depends only on how good the password is. If it’s a hard one, it could take weeks, and eventually, whoever is trying to crack it, will probably give up after a couple of hours. Password crackers are not sci-fi, as some people would think. Password crackers use world lists, brute force attacks, or both at the same time. Word lists is exactly what the name says, a very long list of words, which are combined in different methods in order to crack the password.
Brute force attacks simple make every possible combination of characters and numerals, until it finds the password. Brute force attacks are very slow, but eventually, they will find the right combination. Probably the most well known password cracker is John The Ripper.
A thing that is widely overlooked by people is the ability to reset passwords. This is probably the easiest way to “break” someone’s password. It’s very simple, and even if you do have a strong password, anyone who knows you a bit can easily reset the password, make one of his or her own and take over your account.
It can be done so quickly, here are the steps on how easy you can reset a Hotmail password. So you enter the email address, and type some bogus password. Then it tells you the password is wrong, and you want to reset it. You pick the country, and then you pick the state. Pretty easy if you know someone’s password. There are hundreds of free online directories, such as White Pages and Yellow Pages, so type the name, and you easily get the zip code. This is for US, because if you’re trying to reset someone’s password that lives in Canada, it doesn’t even ask you for a zip code. Here comes the part that really matters. How hard is the secret question and how hard is it to answer?
Some of the secret questions are:
Favorite pet’s name Favorite Movie Anniversary Father’s Middle Name Spouse’s Middle Name First Child’s Middle Name High School Name Favorite Teacher’s Name Favorite Sports Team
If you know somebody, even just a bit, you probably know the answer to these questions. So please, after you made your account, change the secret question and the answer. Don’t make it easy and take it for granted, because probably the first way someone will try to get your password is by resetting it. Make the answer and the question difficult. One good question that I came across when I was trying to reset someone’s password was: “Once upon of time” now this may sound like a fairy tale, but I really got no idea what to type.
There could be a thousand of answers to that. So, if you really care about your password being strong, make sure you make a good secret question and answer. And this is not just for Hotmail, but many other online services use this resetting method, extremely flawless if not used properly.
The Importance of Logging Out
Another thing that can be used to take over one’s account, no matter how strong the password might be, is forgetting to log out from accounts when using a public computer. Some browsers do log you out automatically when you close it, but others don’t. So please, if you do use a public computer, always log out from all your accounts.
Even if you do have a strong password, it can still be found in other ways, if you’re not careful. Social engineering, the nice way to ask for someone’s password is one of them. This is for those 70% of people that would reveal their passwords for a chocolate bar, as a study conducted this year shows. Don’t give the password to anyone, for whatever they got. Don’t give it to your parents, friends, girlfriends, wives, or no one else. If there is a real problem, the system administrator will probably come to you and ask for it. Another way to get a password is through key loggers. Be careful that you don’t have one installed on the computer. Make spyware and virus checks often.
The best password is one that you can come up on your own with, not one that’s spit out by a password generator. You must be familiarized with it, so you can type it fast, in case anyone is peeking over at your keyboard. A good password contains upper/lower case characters, numerals, and symbols. Also, it has to be long, 15 characters if possible. Only you can decide what the best password is for you. If you’d like to test the strength of it, please use the Password Strength Meter , or install a password cracker on your system to see how long it takes to figure out the password.