Since it’s not too nice to just sit here all day and plug our own products in blog posts, it’s about time we share with you a couple of our favorite tips for staying safe online. Today’s tip is related to one of the most sacred things we possess in the technological world: our passwords. We try our best to think of a clever password that we’ll always remember and that nobody would ever guess…and then forget it about an hour later. I know how you feel. As it turns out…no, as these things often turn out, the whole world is just way, way overthinking this whole password thing.
We’re gonna slow you down here and stuff some roses in your face. Smell them.
Studies show that passwords that contain numbers, letters, and symbols in a random pattern, while fairly secure, are still not the most secure passwords out there. Evil hackers who use ridiculously advanced software can only do so much. They compile data on the most commonly used passwords, guess those first, and if those don’t work, they begin creating random passwords, working upward, until they get the right one.
Keep in mind, though, that this can all happen in a manner of minutes after the hacking begins. For example, a very common password is “poop.” So common, in fact, that it ranks in the top 640 most-used passwords on the internet. Cracking that password, though it’s way down around #640 on the ranking, still would only take about 30 seconds. The password, “chicken,” is in the top 140, which would take about 10 seconds. The password, “monkey,” is in the top 20. A fast enough desktop computer guesses that in the blink of an eye. As a side note, that’s really weird that “monkey” is in the top 20. Why do you all like monkeys so much?
Enter my new favorite website, How Secure Is My Password? It’s exactly what it sounds like. Punch in your password, and it will analyze it character-by-character and estimate how long it would take an average desktop computer to guess that password. Of course a four-letter word like “poop” is easily guessable. The next idea is to add more letters. That was my idea when I was younger and used the password, “chewbacca.” According to How Secure Is My Password? that would only last about six hours before it got cracked. Limiting your password to the alphabet makes it more vulnerable to being guessed.
Working capital letters into your password can have a great effect on its security, but not too much. Changing “chewbacca” to “Chewbacca” extended my guess time to 128 days.
Adding different characters to passwords exponentially decreases the chances of the password being guessed. Random characters like @, #, and $ are commonly tagged on to passwords to make them even more secure. This has a remarkable effect on the amount of time it takes to guess the password, but it’s not necessarily foolproof. According to How Secure Is My Password?, the passwords “chewbacca#” and “chewbacca$” each would take about a year to guess.
Adding numbers can also help. If you were to make an “ideal” password out of letters, numbers and symbols, it would probably look like this:
According to How Secure is My Password?, a desktop computer wouldn’t guess that password for seventy-one freaking THOUSAND years. 71,000. Yikes. A lot can happen in 71,000 years. In fact, 71,000 years ago, we almost all died. There’s a little more learning for your day.
This all amazed me as I was fiddling with the password tool, testing every password I’ve ever used and finding ways to improve the ones I had. It was at that point that I did something absolutely, positively outrageous. I…put a space in a password. Just to see what a space did to the password’s security. Instead of putting in a new variation of the single word “Chewbacca,” I just popped in the simple, three-word phrase, all in lower-case, “han and chewie.”
Then, I fell out of my seat.
Yeah, as it turns out, spaces are the invisibility cloak of password security. A simple, three-word phrase is virtually un-guessable for any modern password hacking utilities. I don’t exactly know why, but those spaces completely throw the system off to a point that it almost refuses to incorporate them. The spaces themselves create new words within the passwords, which multiplies the difficulty of guessing the password because the computer has to guess completely new words after it finds one.
17 million years, though? That’s absurd. This might be the safest I’ve ever felt. The crazy part, to me at least, is that the passwords that are hardest to guess also happen to be the easiest to remember. I can’t imagine remembering “$kyw41k3r#” before I remember “luke and leia.” Which kind of means that I’m smarter than a computer by a margin of 17 million years.
Yes, that is absolutely what that means.
Keep in mind, however, nothing is absolutely guaranteed. The power of these computers can vary, as can certain wild cards such as keyloggers. Always make sure you’re being safe and secure with the way your passwords work, and where you put them in. Make sure that the recipient does not save that data, and always vary your password from site to site. Don’t let one password be your password on every site – that means, if that one password fell into the wrong hands, somebody sinister would have access to your everything on the internet. Be smart, be safe.
We suggest you head on over to How Secure Is My Password? if only to make sure that you’re doing the best you can do to keep yourself safe. Their page also has a link to their sister site, “Make Me A Password,” which offers a generator to make you the perfect, un-crackable password. How do you keep yourself safe? Share with us at firstname.lastname@example.org. Happy passwording!