If you Like HowToVanish on Facebook then we will give you one of the $2-3 30 page Mini-Guides for free. Just send us a message on Facebook and let us know which one you want: (1) Financial, (2) Political or (3) Personal.

Good Passwords Strong Password Tips Password Strength

Strong Password Generator: Create Good Passwords

by DS on June 6, 2010

Reading time: 4 – 6 minutes

My friend Bill asked me to do a guest post on his website on something to do with technology security, since I’m his resident geek friend. Without hesitation, I quickly told him one thing: good passwords. Now, passwords aren’t the be-all-end-all for data security, but strong passwords and password strength are the heart of any strong privacy system. They keep people out and only give access to data to those in the know.

Good Password Tips

For my data privacy, I use a concentric circle model: I start with a strong core and add successive layers of strength around the core. Starting with a core of strong passwords, enveloped by successive layers of strong technology, your data has a much better chance of staying private.

Password Strength

This presents an obvious question: what makes a good password? Password length and password content. I’ll use a briefcase combination lock to illustrate my point.

A typical briefcase uses a three-digit combination lock to keep its contents secure. The number of placeholders determines the number of total possible combinations. With a briefcase combination lock, since there are three digits in the combination, there are three placeholders.

For each placeholder, there are 10 possibilities: 0-9, or 10 digits. Since there are three placeholders, the total possible combinations are 10 X 10 X 10, or 1,000 possibilities. An industrious child with time on his hands could work through those possibilities, making it a fairly weak password system. What if we throw in a second three-digit combination lock? Assuming you use different combinations for each lock, you’ve just doubled your security.

However, instead of adding a second lock, what if we increased the length of our combination? With a four-digit combination lock, there are 10 X 10 X 10 X 10 total possible combinations, or 10,000. By adding one single number, we just increased the total number of possibilities by 9,000! For every additional placeholder in a combination, the amount of possibilities increases exponentially.

Now, if you’ve made it this far and haven’t tried to jimmy open the briefcase with a crowbar, that last sentence is the most important part. An additional placeholder increases the number of possibilities EXPONENTIALLY! How can we use this to our advantage? By making your passwords as long as possible to increase password strength.

Good Passwords and Strong Password Tips

Other Good Password Tips

In addition to password length, a strong password also depends on the content–the actual words used. This means avoiding dictionary words and common phrases. Malicious users can use password-breaking software that can scan through entire dictionaries in mere minutes. Sure, using “hippopotomonstrosesquipedaliophobia” is great for password length, but since it’s in the dictionary, it’s easily crackable. A simple solution? Break up dictionary words with numbers and symbols.

Good Passwords Use Numbers, Letters and Symbols

Using numbers and symbols help strengthen your password in two ways: (1) numbers and symbols are not commonly used words or phrases, and (2) numbers and symbols increase the number of possibilities per placeholder.

For example, if your current password is “catnip” and you want to increase your password strength, there are a few things you could do. You could capitalize the “c,” use the “@” symbol in stead of an “a,” and put a number at the end of the password. “catnip” become “C@tnip1911.” While it isn’t the longest password in the world, it definitely is a stronger password than your previous one.

One Last Strong Password Tip

Now, before you thought you escaped all the math in this blog, I need to give you a little bit more. Wait, don’t go! Remember back to our briefcase combination lock? Since that lock only used numbers, there were only 10 possible combinations. What happens when we throw in letters? Add 26 more possible combinations. Case sensitive letters (upper and lower case)? Another 26 letters. The symbols found on your keyboard’s number keys? Add another 10. Instead of a measly 10 possibilities per placeholder, you could potentially have 72 possibilities per placeholder. 72! Coupled with a 10-digit password, the amount of possibilities is 72 X 72 X 72 X 72… well, you get the picture–it’s a lot!

Bottom line? IliKeC@tnip$1928 is a lot stronger password than catnip.

Conclusion

That is all for this week’s geekery. Stay tuned to the next installment to figure out how you are actually supposed to remember all these passwords. Hint: you are not.

No tips yet.
Be the first to tip!

Support How To Vanish - Tip With Bitcoin

17UZUmqkihT3Ncv6dvbh2XbXXv1NP9rArC

Find this post helpful? Please consider tipping with Bitcoin. Each article gets a unique Bitcoin address so by tipping you help make How To Vanish sustainable and give valuable feedback on which content is most appreciated!

12,813 random numbersEmail Email Print Print

8 comments

ABOUT THE AUTHOR: DS is an attorney in California and an expert in data and electronic security. This is merely one article of 2 by .
Free HowToVanish Privacy Guide

{ 6 comments… read them below or add one }

1 John Halden July 1, 2010 at 7:19 am

Can I buy a password generator from your company?
thank you, lutherthuser@sccoast.net

2 Richard April 15, 2011 at 1:51 pm

I use RoboForm which also works great.

3 Paul Williams April 26, 2011 at 2:36 pm

Some great password tips. Thanks. Here’s a (free) tool to help create very long, very complex but memorable passwords. Try it out when you get a chance. Thank you. http://safepasswordmanagement.com/online-password-generator/

4 Kevin Beck May 19, 2011 at 9:01 am

One thing I found out about the briefcase example that shows you don’t even need a crowbar: Most of the combination locks on a briefcase can be reset by pushing the unlock buttons in the opposite direction from when you open it. Just do this, and you will automatically open the case and reset the combination at the same time.

5 Richard October 26, 2011 at 3:24 pm

I always suggest http://www.diceware.com as the method to produce secure passwords that are surprisingly easy to remember. The site also breaks down the mathematics and realities of password security. The password is just ONE vector of attack.

Use that method to generate a new password for every site that matters to you. Then you can use LastPass to store them with your browser, or if you do not trust that, you can use KeePass on your TrueCrypt encrypted USB Drive.

6 TripWire October 28, 2012 at 3:00 pm

Kevin Beck,

The article was not about briefcase security dude, he was using a briefcase as an example.

Leave a Comment

{ 2 trackbacks }

Previous post:

Next post: