Here's a compilation of top security experts explaining why your passwords are weak, how easily they can be cracked and how quickly your accounts will be compromised.
Ars Technica Contest: Winner Cracks 90%
Ars Technica set up a contest to hack passwords. The winner was able to crack 90% of them and the hacker who won second place was able to get 62% of them (out of a total of 16,000 passwords). Read all the details of how they did it at: http://arstechnica.com/security/2013/05/how-crackers-make-minced-meat-out-of-your-passwords/
XKCD : CorrectHorseBatteryStaple Is Weak
Many people know about the XKCD method popularized by the comic: http://xkcd.com/936/
Maybe you think these long passwords are uncrackable. They're not any more.
Don't Base Passwords On Any Natural Language Words
Your password has to be more random, because computing power now allows huge dictionaries to be tried in all manner of combinations, which is enough to crack passwords based upon words.
C'YaPass Generates Random Hashes With No Words
C'YaPass passwords are only letters and numbers and contain no words. They are simply the SHA256 hash, which is cryptographically strong -- you can't just try to guess them with brute-force methods. Brute-force methods would take more time than has passed since the beginning of time.
Bruce Schneier, Top Security Professional, Explains How Passwords Are Cracked
He even created a method that ensures you don't use any natural language words, since the crackers are adding commonly found phrases to their dictionaries.
Under his method for creating strong passwords, you:
- Choose a passphrase (a sentence you'll remember)
- Convert it into a password by choosing the first letter of each word
- Change some characters to uppercase
- Maybe add in a special character here and there
His example looks like:
"This little piggy went to market" might become "tlpWENT2m"
Overwhelming : Creating One of Those For Every Site
I think creating one of those for every site is extremely overwhelming though. Password debt is a huge technical problem.
This video is really funny because we've all been through these things with passwords.
Every Site Has Suggestions For Creating Passwords
Kim Komando : Radio Technology Expert
Here are Kim's suggestions for creating strong passwords:
Basically, the same advice that Bruce Schneier gives.
Microsoft: How To Create A Strong Password
Microsoft chimes in on what to do:
One of the five rules they provide is:
"Doesn't contain a complete word."
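Added example (not from Microsoft or any site quoted here): a minimal Python check for the "doesn't contain a complete word" rule, which also flags passwords built entirely from words, as in the XKCD pattern. The word list and the character-substitution table are constructed assumptions, and undoing substitutions goes beyond the rule as quoted.

```python
# Constructed sample word list; a real policy check would load a large
# dictionary (assumption: lowercase entries).
WORDS = {"correct", "horse", "battery", "staple", "this", "little",
         "piggy", "went", "market", "password"}
MIN_WORD_LEN = 4  # ignore short words such as "to" to limit false positives

# Common character substitutions undone before matching (assumed mapping).
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})


def normalise(password):
    """Lowercase the password and undo common character substitutions."""
    return password.lower().translate(LEET)


def contained_words(password, words=WORDS):
    """Return the dictionary words that appear anywhere in the password."""
    text = normalise(password)
    return sorted(w for w in words if len(w) >= MIN_WORD_LEN and w in text)


def word_segmentation(password, words=WORDS):
    """Split the whole password into dictionary words, or return None."""
    text = normalise(password)
    # best[i] holds one way to cover the first i characters with words.
    best = [None] * (len(text) + 1)
    best[0] = []
    for end in range(1, len(text) + 1):
        for start in range(end):
            if best[start] is not None and text[start:end] in words:
                best[end] = best[start] + [text[start:end]]
                break
    return best[len(text)]


def check(password):
    """Classify a candidate password against the no-complete-word rule."""
    if word_segmentation(password):
        return "reject: made only of dictionary words"
    if contained_words(password):
        return "reject: contains a complete word"
    return "pass: no dictionary word found"


if __name__ == "__main__":
    for pw in ("CorrectHorseBatteryStaple", "tlpWENT2m", "ecNt/KsDaSUXo9J"):
        print(pw, "->", check(pw))
```

A "pass" here only means no word from the list was found; it says nothing about how random the password is.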
PNC Bank Provides Customers With Ideas For Strong Passwords
The PNC site refers to one of the online password generators which you can use to generate your password.
Strong Password Generator
Here are some sample passwords that the generator will create for you:
- ecNt/KsDaSUXo9J
- bzeP6cc[k_9pnJk
- ^>/7P-k{(A 1@;o
But, how are you going to remember those?
You'll probably have to save them in a text file or write them down somewhere.
Also, you could create passwords like that by simply mashing on your keyboard, so I'm not sure how much added value this provides.
Even the GeekSquad gets in on describing how to create strong passwords.
GeekSquad (BestBuy) : Creating Strong Passwords
All of this is absolutely overwhelming and 95% of people who are online are never going to examine how to create a strong password.
Contradictory Information
There's also a lot of contradictory information out there. For example, this lifehacks article says that password generators re-use passwords and you should probably stay away from them.
You Must Create Strong Passwords
Whatever method you choose, you must create stronger passwords.
Obviously I believe the best way is to get C'YaPass for free and start drawing your passwords.
With C'YaPass you'll:
- never memorize a password again
- never type a password again
- never make up a password again
It's Free: Try It Now
Browser Version Is HTML5 Canvas
The browser version does not require installation of anything. It does not use Flash. It runs in your browser via HTML5 Canvas.
Try the Browser Version, Get the App Free
Once you try it in your browser and see how easy it is, you'll want to get the Android, iOS and Windows versions for free.