See hidden discussions | Win great prizes | Get free support
Making complex passwords is really, really easy.....
Take all the initials of all the members of your family.....
Then add your pets
So now you have...
Capitalise the parents and the animals...
Add the number of people and pets staying at your location (number of your house)....
Then add the name of your street.... (e.g. LaCoste Road - LR)
Then add the year that you moved into that house....
Then add the postal code for your area....
Voila, you have a password that is easy to remember but will take ages to crack....
"It would take a desktop PC about 285 nonillion years to crack your password"
Easier solution, make up a sentence that's easy to remember
3 duodecillion years to crack that
BTW thanks for your password and address.
You just made it longer... not more complex.
Something that I've never understood is why passwords require numbers.
That is to say, a password cracker will be unaware that my password includes numbers. So, it cannot assume that my password contains letters only, and must also check possibilities that include numbers, even if my password contains no numbers. The only way to be sure that my password includes no numbers is to crack it!
Yes, if you are doing a brute force attack, then it matters, but then it only does because the password is shorter without a number (in most cases). If you simply substitute a letter for a number, then it makes no difference to a brute force password cracker.
If the password cracker is using a dictionary attack (ie a pre generated list of common passwords), then that dictionary attack will usually include common variants of your password. So, it will have password1 as well as password, etc etc. So your password gets cracked anyway.
I think the two best guides for password security are 1) using longer passwords, 2) avoiding common dictionary words or phrases.
The alphabet has 26 characters
Add 10 numbers to that (0 to 9)
Add special characters, and you have a password with enough length that is essentially unbreakable by brute force (takes too long)
By adding the 10 numbers you are adding 10 new characters that need to be tested for, keeping in mind that each single character added increases the time taken to crack exponentially and not linearly.
You're not getting me though. How does the password cracking algorithm KNOW that I am NOT using numbers? It must assume that I am, in order to crack my passwords.
Yes I know about the exponential increase in password cracking times.
Lets look at the following two passwords: passwordI and password1
Both contain letters, while only the second also contains numbers. My point is, if I am writing a password cracking algorithm, my algorithm must also try numbers, since it does not yet know if the password includes letters only or letters and numbers.