Creating a secure password is, today, the best lock against cybercriminals that we can have on our computer, in addition to a good updated antivirus. What makes a strong password and what doesn't? In this article we are going to solve these and other doubts about safe and reliable passwords..
Before looking at the tips to follow to get a strong password, let's understand better how to crack passwords .
How does a cybercriminal manage to crack my password?
To crack passwords , hackers use brute force , that is, they try and try with a program designed for this purpose (for example with a script ) either with a single computer or through a botnet . What happens is that they do not test randomly, which would make two passwords of the same length equally strong, but instead try the simplest keys first..
They usually start by checking the shortest passwords that contain only lowercase letters, numbers, or a combination of numbers and letters. In addition, they also use key dictionaries that contain the most common combinations and those that form a pattern (such as 12345 or qwerty ).
Finally, they also look at the language dictionary in the corresponding languages and other common words such as names and dates, so that they would crack a password that was Manolo1925 much sooner than one that was Minulo3125 ..
How can we generate a strong password?
These are some of the most useful tips when creating our own secure password .
- Use a mix of lowercase and uppercase letters, numbers, and special characters (such as hyphens, exclamation marks, or hash marks)
- Try to make it a long password , the more characters the more difficult it will be to guess, since the possible combinations grow exponentially.
- Avoid using numbers that could be dates, whether personal or not , or that form any pattern on the keyboard.
- Also avoid proper names of people, pets and places (especially those related to ourselves), including diminutives.
- Avoid combinations of letters that form patterns on the keyboard. like diagonals or any other shape. And it is that any mixture that is immediately easy for you to remember because it is a gesture with your hands, will be on your list.
- Don't use the same password for different services. If a cybercriminal manages to crack one, they would compromise the security of the rest.
How can I check if a password is secure?
There are different online tools to check if a password is secure , many provided by trusted services such as Intel or Kaspersky, and that offer complete information about the security that we want to use.
These services do not store or send the key that you are entering. They just run a little code in the browser itself to give you the result. However, it is recommended not to enter our real passwords , but to use it to check how the time needed for a cybercriminal to decipher it increases as we apply the advice in the guide.
Thus, with a password type "manolo" a normal computer would not take a second to decipher it.
But with a password generated by a website like LastPass (a service that stores the keys it generates in a secure virtual vault) it would be very resistant to hacking.
I can't remember so many complicated passwords
As we have seen, for a password to be secure it needs to be somewhat convoluted . And if on top of that we have to have different passwords for each service, then the cocoa in our heads is only comparable to when there were no mobile phones and we tried to know our friends' phone numbers by heart.
That is why there are services and tricks that help us remember our passwords safely. The alternatives are various and complementary.
- We can store our passwords in the browser . Both Chrome, Edge and Firefox offer password saving functionality and passwords can be synced between our different devices using our Google, Microsoft and Firefox Sync accounts.
- We may use third-party applications, such as 1Password or LastPass, that store, manage and synchronize all our passwords on all our devices (computers, tablets and mobiles) under a single key that protects them. They are more practical than the tools included in browsers, there are plugins to integrate them easily and fill in the fields automatically and, among many other things, they add an interesting function to create secure passwords when we register for a service for the first time.
- We can create our own algorithm that generates passwords based on each service in which we are registered, and that only we know. This way they will not be the same, they will be safe and we will be able to remember them simply by applying the algorithm.
And so far the essential guide for a secure password . Think that if you do not lock the door of your house with a toy padlock or leave the key under the doormat, you should not unprotect the door of your digital home with a password equivalent to a lock that opens with a safety pin.