Top
image credit: Pixabay

Creating the Perfect Password: Simple Tricks that Makes it Almost Impossible to Break

April 20, 2022

Category:

Creating the perfect password is not a complicated endeavor, and it is crucial for business and personal safety. Passwords like 123456, “password” and “qwerty” are common, and should be avoided. Even more complicated passwords can be easily cracked if a computer program is systematically trained to perform such a task. This matter concerns every digital citizen, because hackers are active, cunning and motivated. Follow these tips to choose secure passwords. 

Simple tricks for creating strong passwords 

According to Security.org data, adding even a single capital letter to any password can dramatically alter its security potential. An eight-character password can be cracked in 22 minutes if it has one capital letter as opposed to one second without a capital letter—an increase in difficulty of over 1,000%.

While the range added in this case is certainly not good enough to achieve a satisfactory password, the security improvements achieved by using characters can be multiplied. Experts estimate that if at least one capital letter and a number is used, an eight-character password would now require an hour to crack by a computer. If a symbol is added, it takes eight hours. A twelve-character password with a capital letter, a number and a symbol would take a computer 34,000 years to crack. 

When multiple character types are used, the potential combinations that make up the password increases exponentially. With only 26 lowercase letters, an eight-character password can be explained by 26^8, which points to approximately 209 billion possible combinations. Adding uppercase letters, it increases to 52^8—53.5 trillion combinations. Using added digits, it rises to 62^8, or 218 trillion combinations. Symbols add another layer of security, and since only those few displayed on computer keyboards are convenient to use, this once again raises the number of combinations to 90^8—or 430 trillion combinations.

Best practices for creating secure passwords

Weak passwords can easily be guessed by robots trying to hack into your account. Fortunately, there are simple rules and tips to create strong passwords: 

  • It should be at least 16 characters long.
  • Include a combination of letters, numbers and characters.
  • Do not use a password on any other account. 
  • Avoid including personal information, such as an address, phone number, or easily accessible information available on social media, e.g. names of children or pets. 
  • Don’t use consecutive letters or numbers.
  • It should not contain the word “password” or repeat the same letter or number.

Bad passwords habits at home and work

According to a 2021 study on America’s password habits, more than two in three people continue to use the same passwords across multiple accounts, and approximately 37% are still sharing their personal passwords with other people. 

Recycled passwords are the easiest to hack, even when they’ve been slightly changed—which is how most respondents come up with their codes. 

The study reveals that 57% of its target group admitted to tweaking old passwords and substituting characters when updating their information, 79% of users generated their own passwords by creating new combinations using full sentences (19%), selecting random words from a dictionary (17%) or rolling the word dice (13%). While the methods for generating new passwords varied, they all shared the same weakness—real words can be cracked more easily due to it being recognizable strings. 

Furthermore, the use of password generators nearly doubled over the previous year, from 15% to 27%, and 85% of respondents have employed two-factor authentication, thereby adding an extra layer of online security.

Other surprising conclusions were reached following a Ponemon Institute survey of more than 3,000 individuals and IT specialists. The study, titled “The 2020 State of Password and Authentication Security Behaviors”, showed that password reuse was more common for IT professionals (50% admitted to reusing passwords on work accounts) than for other individuals. IT professionals were also almost as likely as other individuals to share passwords with others (51% and 49% respectively). 

One of the more shocking statistics was that after experiencing an account takeover, 75% of individuals changed the way they protected their accounts and managed passwords, but a much lower percentage (65%) of IT specialists did the same.

Conclusion

Compromised passwords could result in serious financial losses for both businesses and consumers. By following these simple tips and new insights, strong and secure passwords can be created—thus being the difference between a devastating data breach and ultimate personal safety.