How to create strong passwords

Our last blog on security (found here) discussed the importance of creating unique passwords. Each login should have its own password. This way a data breach by one company will have limited damage, because bad actors cannot use one password to access all of your other online accounts.

Do any of these passwords look familiar to you?:

123456
password
123456789
Password1
letmein
qwerty1

These are some of the most commonly used passwords, making them easy to guess and easy targets for a brute force attack.

By creating strong passwords you reduce the risk of having your online accounts taken over in a “brute force” attack. A brute force attack can happen after a large scale data breach, when bad actors have the data to compile password lists and create password dictionaries. Bad actors then combine these password dictionaries with software that attempts to log in to accounts. With terrifying efficiency, the software allows hackers to try hundreds of passwords per second, and when they find a match, they gain access to your account.

So, how can you create a strong password to reduce the risk of a brute force attack?

A strong password should be:

1. Unique
2. Not too personal 
3. It should also be at least 12 characters long, use upper and lower cases, as well as symbols. (Think VqSbQy3X4#86Hdxv%Es15O^ or Bqza0*9H^kfd772r48WJ5Bu)

My preferred method to create strong passwords is to allow a password manager to do the heavy lifting. Not only do password managers generate strong passwords, but they will even save them for you.

Another common method for creating strong passwords is to actually start thinking of these as pass phrases. The xkcd webcomic has a good illustration of how this method works ( https://www.xkcd.com/936). Basically, you create a random sentence. The length combined with the unpredictable combination makes these pass phrases very difficult to crack, even with powerful software.

Here are a couple to get your started (note: don’t use these as they are not longer secure having been published on the open web).

“pitter lightning patter horses and toads”

“ice tracks train slides screech”

Happy strong password/pass phrase creating!