We all know length is important, and it turns out this is especially true when it comes to passwords.
- Use sentences to make your password longer
- The more nonsensical the phrase the better
- Add the usual numbers and symbols to increase security further
It's one of those screens that makes your heart sink when you see it:
We're all creatures of habit, which is why using the same password across all your accounts (and maybe just adding a number at the end) is so tempting. But with crime increasingly moving online, improving your password strength is one of the cheapest ways to increase your online security.
And when it comes to increasing password strength, length is all important, as this article demonstrates clearly.
Which is why thinking of pass phrases - full sentences - instead of pass words helps improve security without necessarily making them less memorable.
One quick and simple way to do this is to put your existing password into a sentence.
For instance, if your current password is "Gazza90", this could be cracked by a normal PC in 14 minutes (via https://howsecureismypassword.net/).
If you then change that to "Gazza90scored100goals" it would now take the same PC 345 quintillion years to crack it. And I'm not even sure if a quintillion exists!
The more nonsense the phrase, or the more personal to you, the better as it make it less likely to exist elsewhere on the web, and therefore harder for the hacking software to guess. Then, adding in the usual random assortment of numbers and symbols adds an extra layer of complexity.
Remember, though, if it's so complex that you can't remember it, it's too complex. But too simple is also to insecure. Find a happy middle ground and you'll no longer dread the message "Your password is about to expire".