Having our accounts protected is very important, both for the information they contain and for the fraudulent use that may be made of it (with spam and the spread of viruses and malware at the forefront). That is why it is essential to know what does and does not make a password secure , as well as other basic security issues..
But before looking at the tips to follow to get a strong password, let's understand better how to use brute force to crack passwords . Then there is the matter of social engineering, but we will deal with that matter another time.
How does a hacker crack my password?
To decrypt passwords, hackers use brute force , that is, they test and test with a program designed for this purpose (for example with a script) either with a single computer or through a botnet. What happens is that they do not test randomly, which would make two passwords of the same length equally strong, but they try the easiest passwords first..
Thus, they usually start by checking shorter passwords that contain only lowercase letters, numbers, or a combination of numbers and letters. In addition, they also use password dictionaries that contain the most common combinations and those that form a pattern (such as 12345 or qwerty). keyboard
Finally, the normal dictionary is not left in the corresponding languages and other common words such as names and dates, so they would decipher a password that was Manolo1925 much sooner than one that was Minulo3125 .
Essential guide to a strong password
Considering what we've learned about how our passwords can be cracked, it's easier to glimpse the content of this must-have guide to a strong password :
- Use a combination of lowercase and uppercase letters, numbers, and special characters (such as hyphens or exclamation marks)
- Try to make it a long password , the more characters the more complicated, since the possible combinations grow exponentially.
- Avoid using combinations of numbers that can be dates or that form a pattern on the keyboard.
- Also avoid proper names of people, pets, and places, including diminutives.
- Also, avoid the letter combinations that form patterns on the keyboard, as Chinese as it may sound to you, they are on your list. In fact, any combination that is immediately easy to remember because it is a gesture with your hands, will be on your list.
- Finally, do not use the same password for different services , because if a hacker were to decrypt one, it would compromise the security of the rest.
How can I check if a password is secure?
There are different online tools to check whether a password is secure , many provided by trusted services such as Intel or Kaspersky, and which offer more complete information on password security than that provided by the security indicators included in the forms when we we register in a service..
These services to check if a password is secure do not store or send the password you are entering, they simply execute a small code in the browser itself to offer you the result. However, it is advisable not to enter our real passwords , but to use it to check how the time necessary for a hacker to decipher it increases as we apply the tips of the guide.
Thus, with a "manolo" type password, a normal computer would not take a second to decrypt it, whereas for the last combination (Minolo_3125) it would take 10 years, and it would still be more secure if we opted for Minulo_3125. Still, a bot bot could crack it in 30 days , and a super computer in hours. But if we add a few more characters, that same super computer would take nine centuries.
I can not remember so many passwords so complicated
As we have seen, for a password to be secure it must be somewhat complicated . And if on top we have to have different passwords for each service, because the cocoa in our heads is only comparable to when there were no mobiles and we tried to know the phone numbers of our friends by heart.
That is why there are services and tricks that help us to remember our passwords in a secure way. The alternatives are various and complementary.
- We can store our passwords in the browser . Both Chrome and Explorer and Firefox offer the function of saving passwords and these can be synchronized between our different devices using our Google, Microsoft and Firefox Sync accounts.
- We can use third-party services and applications, such as 1Password or LastPass, that store, manage and synchronize all our passwords on all our devices (computers, tablets and mobiles) under a single password that protects them. They are more practical than the managers included in browsers, there are plugins to integrate them comfortably and that they fill in the fields automatically and, among many other things, they add an interesting function to create strong passwords when we register for a service for the first time.
- We can create our own algorithm that generates passwords based on each service in which we are registered, and that only we know. Thus the passwords will not be the same, they will be secure and we can remember them simply by applying the algorithm.
And so far the essential guide to a strong password . Think that if you would not close the door of your house with a toy padlock and leave the key under the doormat, you should not leave the door of your digital house unprotected with a password equivalent to that padlock that is opened with a safety pin.
