Whats a Strong Password and why? Print E-mail

A strong password is generally accepted to be a string of at least 8 randomly selected characters.

A longer password is better as it will take longer to crack. Yes, your password can be cracked, the security it affords is how long it would take to crack it. Unlike cracking a old style safe by finding each number in sequence cracking a password is an all or nothing process, you either have it or don't. 

It is for this reason that you should avoid helping the hacker by using words singularly, in combination or even spelt backwards. A dictionary attack is an early tool to use in the hackers arsenal. Also avoid using personally identifiable information such as your cars registration, birth date etc.

Once the hacker has exhausted the common exploits the only resort left is to try all the possible permutations of the 90 plus available values. To ensure all are tried you need to take a logical approach, say try all permutations of the number keys 0-9, that doesn't take long theres only 10^8 of them. So for all you folks that use just numbers, you've been hacked. Perhaps we'll try all lower case next (26^8), then all upper case. No result yet, now we have to check every permutation of number / symbol / upper and lower case characters. At 100 attacks per scond it would take about 1,300,000 years to try them all. Now you can see how, by using a mixture of upper case and lower case letters numbers and symbols you make the attackers job that much more difficult.

 

Read on to see how the length of the password increases its security. 

 

 

 

 To illustrate how a longer password increases your security we will start a single character password, then 2 characters and so on. Remember this is a simplified example, in the real world a single character password could have one of 90 plus values.

 

Number        Number

    of                 of

Chars           Permutations

 

    1                    1    (x)

    2                    4   (xx, xy, yx, yy) = 2^2

    3                   27  (xxx, xxy, xxz, xyx, xyy, xyz, xzx, etc etc ) = 3^3

    4                256   (xxxx, xxxy, xxxz, xxxw,  etc) = 4^4

    5              3125    =  5^5

    6            46656    =  6^6

    7          823543    = 7^7

    8      16777216    = 8^8

 

We are only using the same number of values as there are characters, so in the last example we have 8 characters each of which can have one of eight possible values. In reallity they could have one of more than 90 values (numeric, upper and lower case alphabetic plus symbols) 

The real number of permutations for an 8 character password is > 4,300,000,000,000,000

 
[ Back ]
SSL
Joomla Templates and the Joomla Book