How to Create Passwords That Aren't Easy to Crack
Author: Trevor Johnson
More and more things involve us using passwords. And with the ever-increasing power of computers, it's getting ever easier to crack this layer of protection. Computers don't care how complex the password is; they'll just keep chipping away until they get the answer. So how can you create a password that is easy for you to remember but difficult for a hacker to crack?
Let's take a step back here…
Something like the 4-digit PIN that keeps your ATM card safe is stupidly easy to crack. By definition, there are fewer than ten thousand combinations and a computer could crack that without breaking a sweat. The only thing that keeps your money safe is that the banks limit the number of attempts that can be made before the card is swallowed by the ATM.
Online passwords aren't usually treated in quite the same way. Some sites and software programs will lock out a user after a certain number of attempts. Others will just think (if that's the right word) that there's nothing unusual about a few thousand attempts being made on your password.
Whatever happens, the more complicated you make your password, the less likely it is to be cracked by either a computer program or a hacker.
Where to begin
Start by making sure that your password isn't blindingly obvious.
You'd be amazed at the number of people who use "password" or something like "123456" as their protection. Both of those are just plain dumb choices for protecting anything significant.
Don't use common words as your password either. Most programs will start their password cracking with what is known as a dictionary attack. As the name suggests, this just goes through a complete dictionary of words from start to finish in the hope that you'll have used one of those words as your password.
So throw away the easily memorable stuff and you're past the first hurdle.
Mix up the case
A dictionary attack on your password takes a fairly short period of time. Computers enjoy running through a list and testing every possible combination.
But if each word can be a mixture of upper and lower case letters, things take a lot longer.
For a simple 3 letter word like "and", the computer hacker would have to try:
and, And, ANd, AND, aNd, aND
That gets a lot more complicated as the password gets longer.
Throw in some numbers
If you want to make this easy, swap things like the letter "o" for a zero and the letter "l" for the number 1.
Of course, that runs the risk of the hacker doing the same swap, but if you mix this in with upper and lower case, you've just exponentially increased the difficulty of cracking even a short password.
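As an added example (not part of the original article), here is a Python password check that undoes case mixing and character swaps before looking a word up, which is why those tricks alone do not rescue a dictionary word. The word list, the swaps beyond o/0 and l/1, and the 60-bit threshold are assumptions made for illustration.

```python
import math
import string

# Constructed sample list; a real check would load a large dictionary
# or a list of breached passwords.
COMMON_WORDS = {"password", "and", "hello", "letmein", "football"}

# Undo the swaps from the article (0 for "o", 1 for "l") plus a few other
# common ones (assumed here, not taken from the article).
UNSWAP = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                        "5": "s", "$": "s", "@": "a"})
MIN_BITS = 60  # assumed policy threshold, for illustration only


def normalise(password):
    """Fold case and reverse common character swaps."""
    return password.lower().translate(UNSWAP)


def is_dictionary_based(password):
    """True if the password is a listed word after normalising, with or
    without digits/symbols tacked on the end."""
    core = password.rstrip(string.digits + string.punctuation)
    return bool({normalise(password), normalise(core)} & COMMON_WORDS)


def search_space_bits(password):
    """Brute-force search space in bits, from length and character classes.
    Only meaningful when the characters were chosen at random."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    pool = sum(len(cls) for cls in classes
               if any(ch in cls for ch in password))
    return len(password) * math.log2(pool) if pool else 0.0


def vet(password):
    """Return (accepted, reason) for a candidate password."""
    if is_dictionary_based(password):
        return False, "dictionary word after undoing case and swaps"
    bits = search_space_bits(password)
    if bits < MIN_BITS:
        return False, f"search space too small ({bits:.1f} bits)"
    return True, f"{bits:.1f} bits, not in word list"


if __name__ == "__main__":
    for candidate in ("aNd", "P4ssw0rd!", "1234", "tR7#qV2m-Lx9"):
        print(candidate, vet(candidate))
```

"P4ssw0rd!" scores about 59 bits on character classes alone yet is still rejected, because that figure only holds when the characters are chosen at random.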
Use "special characters"
Now your password gets even trickier to crack.
Special characters are anything else the program accepting the password will let you use.
They could be a hyphen or underscore. Or they could be weirder like a dollar or euro currency symbol.
Throw in even just one of these characters and make your password a decent length – maybe a mixed case name plus a few numbers and a special character or two – and you've got a password that is worthy of the name, so long as you don't resort to sticking it on a Post-it note next to your screen.
That said, it's easy to recover things like a lost PDF password due to the relatively short password length.