Strong passwords: The key to your security

By | March 24, 2011

Do you use passwords like 12345 or djones525 or katybelle1234? In the age of “the cloud” it’s more important than ever that you use strong and secure passwords.

Server security has gotten better and better, encryption has gotten stronger and stronger, but all that means nothing if your password is something like “password” or tom1234 or penny6129. If someone can guess your password they can access your online accounts; all the server security in the world will not save you if you continue to use simple passwords. And if you use the same password for everything – you’re just asking for big, big trouble. Simple passwords are an invitation to disaster. Using one simple password for everything will be a disaster – it’s not a question of “if”, it’s a question of “when”.

Why? Because if someone guesses your password and you use that same password for everything – then the person who has your password has access to everything you do. In “the cloud” that means they have access to your money, your credit cards, and your personal, private data, your email, all your messages, and maybe even your computer.

Whether any of us like it or not, we are moving out of the desktop era and into the “cloud” era.  EB and TC think the name “the cloud” is just another goofy coolspeak word, but it is what it is. The Cloud is The Web and no matter what we think or you think the rush is on to make “the cloud” as important today as the desktop was yesterday. Some of us will be dragged kicking and screaming into “the cloud” but we’re not going to change the fact that “the cloud” is going to become increasingly important in our daily computing lives.

We read an article on the Web recently that demonstrates why it’s so important to use strong passwords. Again, we want to mention the importance of using a program like LastPass (free) to generate strong passwords and to store them.

Take a look at the image below (originally appeared here ) and you’ll see how fast a computer can crack simple passwords instantly.

Cloudeight InfoAve Premium -Blast from the past

“…a fast dual processor computer can generate 100,000,000 password combinations per second one has to be aware of the simple fact that your password can be cracked. Luckily there are different controls in place that prevent passwords from being tried again and again. For instance there are several web portals that only allow 3 password tries, if you fail on the third try your account is either locked until verified or locked for a number of hours.

Yes, an eight character numeric password will be cracked instantly by almost any computer. A password using alphanumeric characters and symbols will take approximately 83.5 days to crack. Conclusion use a longer password when possible and make sure to use the a combination of numbers, upper/lower case letters, and finally symbols…” (see source article )

Trust us, in this new age you can’t rely on passwords like jack1234 or jill518 to keep your personal information safe. Get a password generator that will generate as many very strong passwords as you need. A tool like LastPass can not only generate extremely strong passwords, but can store them and “remember” them for you when you need them. LastPass will even fill in the forms for you on site where you need to login.

If you don’t like LastPass (free), use an online password generator to generate strong passwords — use something to generate strong passwords and break your habit of using simple passwords that anyone could guess – or that a computer with password cracking software installed could crack instantly.

Here are some online password generators (these are just a few):

http://strongpasswordgenerator.com/

https://www.grc.com/passwords.htm

http://www.multicians.org/thvv/gpw.html

If you’re opposed to using LastPass to generate and store your passwords, and you don’t want to use an online generator (you’re really contrary, aren’t you!) then use this method to generate passwords.

TRDIAYWASICNTBTTOLTBATHMATD

(Two Roads Diverged In A Yellow Wood And Sorry I Could Not Travel Both Took The One Less Traveled By And That Has Made All The Difference ) Get it?

IRTNTOBAALMWMTG

(I Read The News Today Oh Boy About A Lucky Man Who Made The Grade)

Or make up a pronouceable word that is not in the dictionary and add numbers to it:

floonable8950

sarnotoodie7182

AND NEVER NEVER NEVER NEVER EVER EVER USE THE SAME PASSWORD FOR EVERY ACCOUNT. NEVER EVER EVER EVER NEVER EVER USE THE SAME PASSWORD FOR ALL YOUR ACCOUNTS. NEVER NEVER NEVER EVER USE THE SAME PASSWORD FOR ALL YOUR ACCOUNTS.

If you want to learn more about password cracking and how criminals and miscreants with the right software can crack your simple passwords instantly, read this article about Rainbow Tables.

The age of “the cloud” is here and it’s time you started getting ready for it whether you like it or not.

2 thoughts on “Strong passwords: The key to your security

  1. Kalona

    “Thank you.”

    I just read the article on LastPass and I noticed the absence of Roboform in your initial list of suggested password generators. I’m wondering if you if, in your opinion, LastPass is now a superior product.

    Kalona

    Reply
    1. infoave Post author

      I don’t think LastPass is a superior product but its free version is equal in quality to RoboForm. Our issue with RoboForm at this point isn’t the program, it’s the company who sold “lifetime” licenses which were good until it got greedy. If you want to upgrade version 6 to version 7 you have to pay – even if you previously purchased a lifetime license. RoboForm says they will continue to support the older version – so if you don’t want to pay you can keep using the older version. However this presents a problem for users who may well find that the older versions won’t work in the newest browsers. So RoboForm’s solution isn’t a solution at all. Browsers are updated all the time. When the older versions of RoboForm don’t work in the newest versions of browsers, users will have no choice but to pay for RoboForm (AGAIN) or find something else. The something else we recommend is LastPass – it’s very similar to RoboForm but it does take some getting used to. I switched over a year ago because I actually like it better than RoboForm.

      We don’t feel it’s right to sell lifetime licenses and then renege on that. A lifetime license should be a license that lasts as long as you want it to, not until RoboForm realizes it could make a lot more money by charging for new version. It leaves a bad taste in the mouths of users. RoboForm had previously been a great company who provided users with a great product and excellent support.

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *