commonpasswordheader.jpg

Create Great Passwords: About

About Create Great Passwords

Keep your password secure

When I first had to remember a password it was short and easy, only one password for two or three applications. Today, I don't even know how many passwords I have to remember, I use a password manager but in many cases I find I still need to remember a few of them.

So how did I go about remembering passwords?

Some systems require me to change my password every so many months. I know about the issues with using the same password for more than one application/system etc. There's also the issue with using passwords that are made up from common words.

Password-cracking techniques have matured quickly and significantly in the past few decades and not to mention the power of today's computers have increased greatly making the brute force method easy.

Early Website on Passwords

The table below is calculated by assuming 100,000 encryption operations per second; this is a plausible number for a desktop PC today (mid 1990).

26 36 52 68 94
PW Length lower case letters only letters and digits mixed case letters single case letters with digits, symbols and punctuation all the displayable ASCII characters including mixed case letters
3 0.18 seconds 0.47 seconds 1.41 seconds 3.14 seconds 8.3 seconds
4 4.57 seconds 16.8 seconds 1.22 minutes 3.56 minutes 13.0 minutes
5 1.98 minutes 10.1 minutes 1.06 hours 4.04 hours 20.4 hours
6 51.5 minutes 3.74 minutes 13.7 days 2.26 months 2.63 months
7 22.3 hours 9.07 days 3.91 months 2.13 years 20.6 years
8 24.2 days 10.7 months 17.0 years 1.45 centuries 1.93 millennia
9 1.72 years 32.2 years 8.82 centuries 9.86 millennia 182 millennia
10 44.8 years 1.16 millennia 45.8 millennia 670 millennia 17,079 millennia
11 11.6 centuries 41.7 millennia 2,384 millennia 45,582 millennia 1,605,461 millennia
12 30.3 millennia 1,503 millennia 123,946 millennia 3,099,562 millennia 150,913,342 millennia

Today we can laugh at the time periods in this table as today's computers have the power that we didn't even imagine back then.

Also, with most passwords being common words it is even easier to hack.

This is why I don't use passwords, I use passphrases!

Passphrase

A passphrase is a short sentence/quote/saying that's easy for you to remember.

So how do I come up with the passphrases I use?

I used abbreviations like "I love high school football in 2010" equals "Ilhsfi2010" as a password (I don't use it today).

It's ten characters long, using lower and upper case characters with some digits. The information above says it would take more than 45.8 millennia to crack.

It doesn't use common words but today it would be a lot easier to crack but many times harder than using common words or sayings.

Quotes are easy to remember and this is why I created a website to help people with creating a tough password to use everyday that is hard to crack.

What makes a good password? It's not a word in the dictionary, nor a name or date that people might guess. It's not too short, greater than eight characters, more is better, and you must remember it!

Remember do not use any number that is a matter of record, such as phone number, birthdate, address, driver license, Social Security numbers, etc. in your secure password!

Password Guidelines

  • The password should contain more than 12 characters, more is better
  • It should consists of both numbers, letters and special symbols
  • Do not use the same password on multiple accounts
  • Do not reuse your previous passwords
  • Do not use the most commonly used English words
  • Do not use the names of your families, friends or pets
  • Do not use your login ID
  • Do not use postcodes, house numbers, street names, phone numbers, birthdates, ID card numbers, social security numbers, etc.
  • Do not use a keyboard pattern, such as qwerty, asdfghjkl, or 12345678
  • Do not use computer terms and names, commands, sites, companies, hardware, or software
  • Any of the above spelled backwards
  • Any of the above preceded or followed by a digit (ex. qwerty1, 1qwerty)
  • Change your passwords regularly
  • Manage and encrypt your passwords with password management software

Password Use Guidelines

  • You should not let your web browsers (Chrome, FireFox, IE, Opera, Safari, etc.) or FTP client programs save your passwords, any password saved in the browser can be revealed easily
  • Do not login important accounts with a public computer or a machine that's not yours
  • Do not login important accounts with HTTP or FTP connections, because the username and password in the message of a HTTP or FTP connection can be captured easily with a network protocol analyzer, which means that the password can be sniffed or hacked with very little effort. You should use HTTPS or SFTP connections.

BFR

BFR is a brute force rating I created to rating the strength of a password from a brute force attack, a higher number is generally a more secure password.

The BFR is a logarithm value with the next higher number being 1000 times greater than the lower number. A password length of eight characters will have a BFR of approximately five while a password with length of twelve characters will have a BFR of seven to eight depending on the non alpha characters used.

The lowest BFR in our list of quotes is a four while the highest BFR is sixty, a 100 character password. Compared this with common words which can have a BFR of two or less!

We recommend using a passphrase and having a password with the highest BFR that works for you.

Website Notes

Some notes about this website and the passwords displayed:

  • The year used in the sample passwords is changed every 24 hours
  • The symbols and punctuation used in the samples are also changed every 24 hours

If you think this website is of value to your friends/contacts, let them know about passphrase.

Disclaimer

CreateGreatPasswords.com and its authors are not responsible for any loss of data or personal information. Passwords are used at the user's own risk and no liability will be asumed. By using this website, you agree that the website and its authors are not liable for any losses incurred. CreateGreatPasswords.com and its authors are not responsible or liable, directly or indirectly, for any damage or loss caused by or in connection with the use of, or reliance on, any such content, goods or services available on or through this website.

All registered trademarks belong to their respective owners.

© 2013 - 2019 CreateGreatPasswords.com - All rights reserved.

CreateGreatPasswords.com

World