Dwight Watt - Newspaper Article #438 12/5/2018


Question: What is a strong or complex password?

Answer:

You will often see that when setting a password, they require a strong or complex password.

People have often used the same weak password or use the same password everywhere. Both these are problems. The most used password is password or password123 according to studies and used about 70% of the time the studies say. This makes it very easy for hackers to break in your accounts. The second problem is people use the same password on all their accounts. Easy to remember but if your password is in information stolen in the various reports of large numbers of accounts information stolen, hackers don’t just know your password to that site but all sites you use.

You don’t have to have totally different passwords by sites to be impossible to remember but either a pattern to know how changed or using a mnemonic by the site.

A complex or strong password is one that contains lower case letters, upper case letters, numbers and special characters and usually at least 8 characters long although some require longer. For instance, we can make password a strong or complex password by changing to the following: P@ssw0rd. This becomes much harder to guess and dictionary attacks will not work where they go thru using a list of words from the dictionary or known passwords.

If your name is Jane Doe and you were creating a password for Gmail you might make a password like D0gma1le where gmail is inside doe and characters switched. You could also take a phrase like Jane Doe gmail account and use the first two letters from each word and change a to @ and o to 0 and get JaD0gm@c. That looks like it is totally random but has a pattern you can remember.

There are also password managers out there that will keep up with all passwords and and/or assign random passwords. I do not use them as I have this fear on all passwords stored in one location of hackers hacking them and stealing information and now they have all my passwords, usernames and accounts. They may not have been hacked yet, but they will be. There is not a 100% site, you just try to keep it as close to that as you can, and that keeps changing.