• Share/Bookmark

Why password strength matters

by zeth 1337 on April 23, 2006

  • Facebook
  • Twitter
  • Blogger Post
  • MySpace

I read an interesting article demonstrates the value of strong passwords. Many people see passwords as obstacles to what they need, rather than the security mechanisms that they really are. Treat your passwords like your front door locks, like your social security number, and like your debit card; they all deserve healthy respect.


The article demonstrates the maximum time five different attacks would take to crack various passwords. The five attacks are differentiated by the computer speed and number of computers participating in the attack.

I find it ironic that passwords comprised of only four numbers (no letters) can be instantly cracked by even the slowest single processor. Shouldn’t our debit card PIN numbers be made at least six digits? However, even a six digit password gets cracked in a minute and a half by the slowest computer.

Using six mixed upper and lower case letters appears to increase the crack time to 23 days for the slowest computers, but only about 3 minutes on the fastest computer/cluster you could expect to be attacked with.

It appears using an eight-digit password comprised of numbers, upper case letters, and lower case letters is one of the strongest passwords. It gets cracked in 25 days by the fastest attack method and 692 years by the slowest.

The article points out that using special symbols (i.e. $, %, &, *) create even greater variations, but I shy away from using these. Symbols are often significant to many computer languages, and when they appear in some passwords they can potentially bug and crash software. Done carefully they may not, but my policy is to stick with the previous method.


The problem is we are human, and we more easily remember “joebob” rather than “mfTiAI06″. The secret to creating strong yet easily remembered passwords is to think of phrases meaningful to you, then use the first letter of each word. “mfTiAI06″ is meaningless to anyone but the person who knows that “my favorite Television is American Idol ‘06″.

I like to make my passwords from little motivational phrases, like “I am going to perform my best today” which can become passwords like Iag2pmb2d. Then you are motivated and positively reinforced throughout the day. Each time you must enter your password becomes less a chore and more a positive experience.

VN:F [1.8.4_1055]
Rating: 0.0/10 (0 votes cast)

Popularity: 5%

  • Facebook
  • Twitter
  • Blogger Post
  • MySpace
  • Share/Bookmark

Related posts:

  1. How to change your own IdahoFallz.com password
  2. YOUR Unsecured Wireless Internet is the Dangerous Weak Link
  3. How to create an online classified ad
  4. Prevent Windows XP Update from Auto Restarts
  5. Identity Theft: What’s behind it all?

Leave a Comment

You can use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Note: If you submit a comment and do not see it displayed, it may have falsely triggered the automatic anti-spam system for reasons beyond your control. Your comment will appear after it's approved by a moderator (usually within 24 hours or less). There is no need to rewrite and/or submit your comment again unless it still doesn't appear 24 hours later.

Previous post:

Next post: