Saturday, March 10, 2012

Why Do I Need Such a Long Password? Well in This Case Size Does Matter

Passwords are a necessary evil. From my several conversations with people I get the impression that most hate the concept of a password. I believe one day passwords will be replace with biometric systems in the workplace. I am not sure when or how websites will ever replace the password system. Since we have to use passwords right now I will explain why longer passwords are better. I will also show you my character replacement system that helps create complex passwords with words you know. Now does size matter? In the case of password security, bigger is better. Short passwords like four digit codes are terribly insecure. People feel a false sense of security in using a four digit password. Modern computers and electronics have had great speed increases over the decade. It a lot of cases it takes longer to go through your fast food restaurant than have your four digit password broken into.
A recent news report revealed how a forensic company was selling equipment that would break into any iPhone's password system in less than two minutes. The reason why this is possible is because the iPhone allows only a four digit numeric password for its lock screen. That equals 10000 possible combinations to break into your iPhone. Computers and electronic devices have gotten faster, to the point that they can process numbers at an incredible speed. This company was selling the equipment to police departments around the world. Even though they were doing it for a noble purpose, it is not hard for hackers get their hands on software programs that do the same thing. The flaw though had nothing to do with the iPhone itself, it had to do with the fact the lock password is only four digits long and can only use numbers. Hopefully Apple makes a future update to this system so complex passwords are allowed on the lock screen.
So why are longer passwords more secure? Well when it is all said and done, it comes down to math. Right now if you were just to use numbers and letters with capitals for your password, each digit of your password represents sixty two possible combinations. Meaning a 3 digit password would be 62 x 62 x 62 = 238328 possible combinations. An eight digit password has 218340105584896 possible combinations. Each increase in a digit increases the possible number of passwords exponentially. Yet with such a large number of combinations, it may take a computer a few days or weeks to crack an eight digit password. As computers have improved, both the consumer and the hacker have enjoyed greater speeds. Based on current technology a nine digit password will take years to be cracked by a computer. Yes things will change, computers will get faster, but with each additional digit added to your password, you can stay a step ahead.
Now my character replacement system is designed with the idea of mind that you can use special characters in your password, while maintaining the look and feel of the password. This makes the password with the special characters and numbers easier to remember.
Here are a couple quick examples.
BEE = B33
This is the character replacement system I have followed and taught others for years to use. The reason why this is effective is it increases the possible available characters your password is using. This makes it harder to decipher and in some cases throw off people close (Ever heard of the kid who breaks into their parents computer to use the internet when they weren't suppose to?) to you that for whatever reason are trying to guess your password.
Here is a list of potential example passwords I would like to use.
What I do is use special characters or numbers to replace letters in the password.
1 = I
3 = E
7 = L
9 = G
O = 0
A = @
S = $
The idea is that for some, the shape of the number represents letter.
The number 3 is a backwards E, it is those little reminders that helps you remember. Now here are some complex passwords with terms I know. I am going to convert them over with my character replacement system.
Technically = T3chn1ca77y
Broncosfootball = Br0nc0$f00tba77
Spikemydog = $p1k3myd09
LoveFlowers = L0v3f70w3r$
As you can see, the replacement system changes the whole nature of your password. With the replacement system, you have taken your common word and made it uncommon. The reason why I have recommend this to so many was because of the psychological behind it. The ones who I taught this system gave me feedback that the special characters used to replace certain letters were easier to remember. In their head the idea that the number 3 was a backwards E worked for them. This is just a guideline. I know some who have come up with their own character replacement systems that worked for them. What really matters is that you use something like this versus nothing at all.
Hopefully this article educated you while size matters in passwords. How the longer the password the harder it is for a computer program to break through. Also you have been given an alternative to using certain letters in your passwords to make them more secure.

No comments:

Post a Comment