The lowest point in the security of your online accounts is usually your password. Traditional passwords are no longer safe. Hacking techniques have evolved rapidly and significantly over the past few decades, but the way we create our passwords has not followed the pace.
The most recent and effective password attacks can try up to 300 billion suppositions per second, and this number will undoubtedly increase over the next few years. The raw force attack is a method used in cryptanalysis to find a password or key that consists in testing all possible combinations.
This method allows you to break all passwords in a finite time, independent of the protection used, but the time increases with the password length. In theory, the complexity of a raw force attack is an exponential function of the password length, making it virtually impossible for long passwords.
A correct password meets the following criteria:
Because the length of a password is one of the main security factors, passwords are much safer than traditional passwords. At the same time, they are also much easier to remember and type.
They are not as strong as randomly generated passwords by this tool, but they are always a good option if you do not want to use a password generator. They are also the best way to generate the main password for a password manager or your operating system account, as they cannot be filled automatically by a password manager.
Choose several random words. Add a few capital letters, numbers and symbols. You can add spaces between words if you prefer.
Do not place words in a predictable model or form a correct sentenceIt would be much easier to guess.
Do not use lyrics of songs, quotes or anything else that has been published. Attackers have massive databases of works published to build from possible passwords.
Do not use personal information. Even when combined with letters and numbers, someone who knows you or searches online, can easily guess a password with this information.
Do not use the same password on multiple accounts. A recent study conducted in the UK showed that 55% of users used the same password, most of the time "low", to connect to multiple sites on the Internet. Many popular sites fail to adequately ensure the security of your password in their systems, and pirates break them regularly and access hundreds of millions of accounts. If you reuse your passwords, someone who hacks a single site will be able to connect to your accounts on other sites. Make sure you have unique passwords for all sites that store financial or other sensitive data, or those that could be used to harm your reputation.
Make sure your password is also strong. With many online services, your email address serves your identification. If a malicious user accesses your email, it can easily reset passwords and connect to your account.
Don't share your passwords. Even if you trust the person, it is possible that an attacker intercepts or spies the transmission, or hacking the person's computer. If you suspect someone else knows your password, you must change it immediately.
Do not send your password in an email. E-mails are rarely encrypted, which makes them relatively easy for attackers to read.
Do not save your passwords in a web browser. They often fail to store passwords securely, to use a password manager instead. See the section on the above password managers for more information.
On a public computer, do not save passwords and use "Remember Me" in the options. If you do, then the next person to use the computer will be able to access your account. Also make sure to disconnect and close the browser when you are done.
Don't write your password. If he's written somewhere and someone can find him, he's not sure.
Don't change your passwords for no reason, unless you suspect they were compromised. As long as you have the highly recommended password type on this page, frequently changing it will not do anything to minimize the risk it is compromised.