27 January 2022

How to create a strong password phrase

Passwords come in all shapes, types, and sizes. However, people often choose something easy to remember: a date that means something to them, a place they like to visit, their favourite game show, and so on.

Occasionally they might throw in a special character - like a question mark - but they usually keep it simple enough so they cannot forget it. An understandable strategy, but never the right one, of course.

However, there are solutions and tools that you can use to help you strengthen your password strategy. For example, if you use Google Chrome, you may have noticed that this browser can also act as a password manager.

For new accounts, Google will propose a long, strong and completely nonsensical password, which you can then save "in the cloud" so that it is available on all your devices.

That is a better strategy, but you can do even better, for example with a real password manager such as LastPass. This is a kind of password vault that you open with one specific, strong password, after which the tool will ask you to save each new (hopefully unique) password that you enter.

The difference with Chrome is that LastPass generally works better with password fields on the internet.

Strong Passwords

The idea of a password manager is, of course, based on the premise that you, the user, use a unique, strong password for each of your accounts. If you use one password multiple times, your accounts become very easy to hack if that one password gets stolen.

But what exactly is a strong password? Most security experts will tell you that a strong password is one that is at least 12 to 14 characters long, with lots of numbers and special characters in it, and preferably meaningless.

For example: "(bnGoY78bzl37^". Unfortunately, a password like this is very hard to memorize. A better strategy is to use a passphrase. When a hacker tries to guess your password, it does not matter to them what kind of characters you use, as they can use a brute force attack whereby an intruder can guess thousands of combinations at once.

However, what does make a difference is the length. For example, “I am using a password phrase” already contains 25 characters, and it would take a brute force attack longer to guess. The strongest method to implement is - how could it be otherwise - a combination of both.

For example, “1Us3aPa$$wordPhr@se” uses 19 characters, capital letters, special characters, and numbers. Moreover, it is hard to forget. A strong password phrase (per account) combined with a password manager gives you the best and strongest results.
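To make the length argument concrete, the following added example (not part of the original article) estimates the exhaustive-search space for the three sample passwords above. The guess rate and the character-class model are assumptions chosen for illustration, and the figures are an upper bound because the model ignores dictionary and pattern-based guessing.

```python
import math
import string

# Assumed attacker speed, for illustration only (not a figure from the article).
GUESSES_PER_SECOND = 1e10

# Character classes a brute-force search has to cover (printable ASCII only).
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation, " ")


def pool_size(password):
    """Alphabet size: the sum of every character class used at least once."""
    for ch in password:
        if not any(ch in cls for cls in CLASSES):
            raise ValueError(f"character {ch!r} is outside the modelled classes")
    return sum(len(cls) for cls in CLASSES if any(c in cls for c in password))


def brute_force_bits(password):
    """log2 of the candidates of this length over that alphabet.

    Upper bound only: it models blind character-by-character search and
    gives no credit to an attacker who tries words or common substitutions.
    """
    if not password:
        return 0.0
    return len(password) * math.log2(pool_size(password))


def years_to_exhaust(password, rate=GUESSES_PER_SECOND):
    """Worst-case time to try every candidate at the assumed guess rate."""
    return 2 ** brute_force_bits(password) / rate / (365.25 * 24 * 3600)


# The three sample passwords quoted in the article.
SAMPLES = (
    "(bnGoY78bzl37^",
    "I am using a password phrase",
    "1Us3aPa$$wordPhr@se",
)

if __name__ == "__main__":
    for pw in SAMPLES:
        print(f"{pw!r:32} length={len(pw):2} pool={pool_size(pw):2} "
              f"bits={brute_force_bits(pw):6.1f} "
              f"years={years_to_exhaust(pw):.2e}")
```

Each extra character multiplies the search space by the whole alphabet size, while adding a character class only enlarges the alphabet once, which is why the longer phrases score higher than the 14-character random string.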