The password is one of the best cybersecurity defenses you have and it’s completely free. The more complex it is, the harder it is to guess. Since, all things being equal, a hacker can try to guess your password an unlimited number of times, a weak password with encryption is less secure than a strong password without encryption. It goes without saying a strong password with encryption is even better. Today, however, we talk passwords.

Strong passwords should include letters, numbers, symbols, capitalization, and should be no less than 12 characters long. The best passwords will be 14 or more characters long. To create a strong password, and remember it, try personalizing it. One of my favorite lines from my favorite book is “the market is real because it can calculate.” This is a phrase that sticks with me. I joke that it haunts me. So, I could make a strong password like this:

+h3 M@rk3+ i$ r3@l b3c@u$3 i+ c@n c@lcul8

The market is real because it can calculate

Of course, an even better password would not rely on a single passage from the book, but would seek to absorb a few things that only I know or only I am interested in. This could be a pet’s name, a parent’s house number, the geek-name for a fictional character (in LOTR, Gandalf is also Olórin, Mithrandir, Incánus, Tharkûn, Greyhame, Stormcrow, and Láthspell), etc.

I recommend testing the thoroughness of a few passwords before you pick one so you can see the effect they have on your security. I entered the “the market is real…” password above into howsecureismypassword.net; it would take one “vigintillion” years to guess this password (63 zeros after the 1).

Being in the security industry, it would behoove us to add: We, personally, would not test the strength of our actual passwords on any of these sites. We would test something similar but not the actual password intended for use. Also, remember that though it would take a computer, guessing randomly, this many years to guess your password, it will not take a hacker that long. Through social engineering, the hacker could significantly decrease the time necessary to break this code.

For instance, the hacker can and will find you on Facebook and see the glowing homage of Gandalf set as your profile picture. The hacker tunes his or her algorithm accordingly. Thus, look to combine a few concepts together. Finally, your strong password, as alluded to earlier, is just one security feature you have recourse to. Encryption, dual-factor authentication, lock-out policies, password expiry, password history, passphrases, and other tools can be used to increase security.
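An offline check for the two points above, added here as an example and not part of the original post: it applies the stated character and length rules locally, so nothing is typed into a website, and compares the random-guessing estimate with the estimate for a guesser who expects listed words with character swaps. The substitution map, the small word set and the 20,000-word list size are constructed assumptions.

```python
import math

# Constructed reverse map of the substitutions in the post's example password.
LEET = {"+": "t", "3": "e", "@": "a", "$": "s", "8": "ate"}
# Constructed stand-in for a guesser's word list; ASSUMED_LIST_SIZE is an assumption.
WORDS = {"the", "market", "is", "real", "because", "it", "can", "calculate"}
ASSUMED_LIST_SIZE = 20_000

def meets_policy(pw):
    """Post's rules: letters, numbers, symbols, capitalization, 12+ characters."""
    return (len(pw) >= 12 and any(c.islower() for c in pw)
            and any(c.isupper() for c in pw) and any(c.isdigit() for c in pw)
            and any(not c.isalnum() and c != " " for c in pw))

def random_guess_bits(pw):
    """Bits of search space if every character were picked at random."""
    pool = 0
    pool += 26 if any(c.islower() for c in pw) else 0
    pool += 26 if any(c.isupper() for c in pw) else 0
    pool += 10 if any(c.isdigit() for c in pw) else 0
    pool += 32 if any(not c.isalnum() and c != " " for c in pw) else 0
    pool += 1 if " " in pw else 0
    return len(pw) * math.log2(pool) if pool else 0.0

def undo_substitutions(pw):
    """Map each swapped character back to its letter(s) and lowercase the result."""
    return "".join(LEET.get(c, c) for c in pw).lower()

def structure_aware_bits(pw):
    """Bits if the guesser models: listed words, optional swaps, optional capitals."""
    words = undo_substitutions(pw).split()
    if not words or any(w not in WORDS for w in words):
        return random_guess_bits(pw)  # no known structure found, fall back
    swaps = sum(c in LEET for c in pw)  # each swap is one yes/no choice
    return len(words) * math.log2(ASSUMED_LIST_SIZE) + swaps + len(words)

if __name__ == "__main__":
    sample = "+h3 M@rk3+ i$ r3@l b3c@u$3 i+ c@n c@lcul8"  # the post's example
    print(meets_policy(sample), undo_substitutions(sample))
    print(round(random_guess_bits(sample)), round(structure_aware_bits(sample)))
```

The second figure is still an upper bound: it assumes the guesser does not already know the phrase itself.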
