If you even remotely follow any kind of information about passwords, you know that longer passwords are better than short passwords. That's because when it comes to cracking passwords, it simply takes more computing power. There are programs called "Brute Force" that actually just begin putting in characters in a disciplined manner to basically try every letter and character combination. The more computing power these systems have, the faster they can try those combinations. That means that the more characters those systems have to use, the longer it takes them to finally hit the right combination.
The second thing the experts recommend is to use random letters, numbers, and characters. Computers are *really* good at patterns so if you use your pet's name and the numbers 123 you are asking for trouble.
The logo at the top of this post is for a password manager that I like & use. Sticky Password keeps track of all of your logons AND it will also generate random 16 character passwords for you. It stores your info in the cloud so it is available when and where. you need it. It's a nice program, run by very nice people. I like small businesses and not only is it a good program, but if you purchase it, the company donates to save the Florida Manatees.
Now to the heart of today's post. Recently Ars Technica setup an experiment to try to break some long passwords. Now, first of all, this was a controlled environment and it was working with trying to reverse engineer some passwords in use. When I first saw the headline for the story, I was a bit taken back, but after reading it, I understand what they were trying to do. They managed to crack one password for a website, but if the user has used that password on other sites or other things, it is now vulnerable.
The golden rule & the lesson that you can learn from the Ars Techinca experiment is *DO NOT REUSE PASSWORDS*!!! That's the reason you need a good password manager. With something like Sticky Password on your side, you can come up was 16 character random passwords for *every* site you use. You can have a terrific password but if you use it on every site, you might as well not even be using one. Password security in practice is one of the most valuable things one can do to protect themselves and their data online.
No comments:
Post a Comment