Passwords have been an everyday part of life with computers, and they won’t be replaced any time soon. It’s a form of authentication, granting you access to a system or service.
When security is based on passwords two pieces of information are required:
1. A username
2. A password
Often it’s not difficult to guess a username. Some computers keep this information easily available to anyone who cares to look, and other times it’s just a matter of guessing.
Passwords are more difficult. The “strength” of a password is critical to keeping out unauthorised people. “Strength” is a measure of how easily it can be guessed. And if you’re wondering who really sits there trying to guess passwords you’re in for a surprise.
Passwords can be made stronger by using a combination of the following tips:
- Make your password long. Tip: join 2 or 3 words together
- Have at least one letter in uppercase
- Don’t put a 1 at the end of your password (it doesn’t help at all)
- Use a made-up word if you can think of one, or spell a real word incorrectly
- Try not to use the same password on every website (more on this another day)
If you under the impression that no one will bother trying to guess your password then you’re definitely need to continue reading. Hackers don’t sit there trying to guess passwords (what could be more boring than that?). They write programs that do all the hard work of guessing programs. Then they maliciously install this program on other people’s computers (sometimes tens of thousands of hacked computers) to do lots of hard work for them. They just sit back and wait for the results to come in.
Protecting systems with passwords is a tough battle for the good guys (like you and me). As the progress of technology marches on we have faster computers which means hacking passwords becomes easier.
Now the really interesting part. There’s been some development on all this password guessing technology – where it used to take one computer months to crack a Windows Vista password, by utilising the untapped power of a modern computer’s graphics processor it’s now possible to do the same work with the same computer in 3 – 5 days. That’s 25 times faster just from some clever programming (see this article for the details on how).
So in the real world we have programs running on tens of thousands of computers, guessing billions of password combinations relentlessly, with the expectation that soon they’ll find all the easy ones.
So be smart about passwords. Make it very difficult to guess. And remember that there really are people out there trying to hack into your accounts so always be careful.