It's Not That Difficult to Figure Out a Hard Password

by Keith Gatling | 3 months ago

Password Keith BlogBy now, many of you have probably already heard that Facebook’s been hacked, and that you should change your password. And for those of you hadn’t already heard…Facebook’s been hacked, and you should change your password.

There’s a lot I could say about passwords, but I want to keep this short enough that most of you will read it, so here are a few important things.

No.1: Don’t use the same password everywhere. There are a couple of exceptions to this, but in general, don’t use the same password for Facebook, your various email accounts, and your online banking. Why? Because once they’ve cracked the password for one place, they’ll try it in others. And if you’ve used the same password everywhere…well, need I say more?

No. 2: Your [new] password needs to be complex enough that it can’t be easily guessed. But “complex” doesn’t mean it has to be something that you can’t remember.

Karenhas2beautifuleyes meets most password qualifications of at least one uppercase letter, at least one lowercase letter, at least one digit, and at least eight characters long. And…according to Howsecureismypassword.net, it would take 2 sextillion years to crack. That’s a long time.

The great thing about a password like that is that it can’t be cracked by “social engineering.” That’s when a potential cracker looks at your Facebook information for obvious things you might use as a password…things like hometown, graduation year, spouse’s name, etc. They may be able to find out that your wife’s name is Karen, but what do they know about her eyes?

DandatedLisafor6years is another good one. It would take 35 quintillion years to crack (which is how long Dan tells me he felt like he dated Lisa).

So as you can see, sentences make good complex passwords. EastOrangeisexit144 (easy for me to remember because it’s my hometown) would take 9 quadrillion years. And there are tons of sentences you can come up with that are complex, but easy for you to remember.

Now, don’t go and use these exact sentences as your passwords, or as models for them. If everyone used Xhas2beautifuleyes or XdatedYforNyears, that would just be way too easy for the bad guys. Make up your own sentences!

One for Facebook, and one for each of your email accounts.

And definitely a different one for your online banking!