The best way to make a strong password
Dealing with passwords is an essential aspect of using the best Android tablets, our preferred low-cost smartphones, and all the other devices we use to communicate online. Our accounts on Spotify, YouTube, and Twitch, as well as those on PayPal, Amazon, and Venmo, are just a few of the everyday things that are protected by passwords. They control the digital locks on our online property and, as such, are crucial in defending our lives from criminals out to steal our identities and cause mayhem. In addition, look into the top 2FA Android apps to boost your online security.
It's crucial that only you know your passwords or can figure them out. What, therefore, constitutes a good password? You must have some knowledge of how internet ne'er-do-wells hack passwords in order to comprehend it.
Brute-force attacks
In digital security, repeatedly guessing a password is known as a brute-force attack. The concept is basic: to find the right password, try every possible combination of letters and numbers. For a human, this kind of activity would be time-consuming, unpleasant, repetitive, and error-prone. Most of these issues are trivial for a computer.
According to NordPass, computers can guess between 10,000 passwords per second (on a vintage Pentium 100MHz) and one billion passwords per second (on a supercomputer). In the worst case, where the slowest computer doesn't find the right PIN until the last check, guessing a four-digit PIN (10,000 potential PINs) would take one second.
A six-character alphanumeric password made up exclusively of lowercase letters and digits has 36^6 possible character combinations and could be cracked in 217,679 seconds (2.5 days) using a Pentium or in around 2 seconds using a supercomputer. These numbers show the maximum amount of time needed to brute-force the passwords. From the perspective of security, this is unacceptable.
A complicated password, like @ndroidPo1ice, is more difficult to crack. There are 94^8 (more than six quadrillion) possible password combinations because it has eight characters, including uppercase, lowercase, digits, and symbols. This amount of complexity is enough to render our low-powered computer ineffective: it would need more than 600 billion seconds (more than 19,000 years) to brute-force all the options. It also provides adequate protection against our powerful computer, which would take more than six million seconds (70 days) to make all the guesses.
Dictionary attacks
These computations are based on the longest time frame conceivable, with the correct guess being the last character permutation the computer tries. On average, guessing a password takes half of the time mentioned above. Even worse, people choose passwords poorly, though most of the time it's not our fault. The issue is that the best passwords for fending off brute-force attacks are random assortments of letters, numbers, and symbols, while the easiest passwords to remember are composed of letters, numbers, and words that have some significance to the user. This exposes us to dictionary attacks, another type of vulnerability.
This kind of attack is effective because so many individuals use common words in their passwords. An attacker can test words that are known to be used in many passwords rather than attempting every conceivable character combination. Beyond that, given the abundance of data breaches in the past ten years, attackers can find lists of hundreds of millions of passwords to try, which is a far cry from the six quadrillion possibilities in our earlier scenario.
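The brute-force estimates above and the dictionary weakness can be checked together. The following is an added example, not code from the original article: it reproduces the article's timing figures and flags passwords built from known words. The word list and the substitution map are small constructed samples.

```python
# Added example: the article's brute-force arithmetic plus a dictionary check.
# WORDLIST and the substitution map are constructed samples, not real attack data.
import re

SLOW_RATE = 10_000          # guesses/second, the article's Pentium figure
FAST_RATE = 1_000_000_000   # guesses/second, the article's supercomputer figure

def worst_case_seconds(alphabet_size, length, rate):
    """Seconds to try every string of `length` symbols from the alphabet."""
    return alphabet_size ** length / rate

def average_seconds(alphabet_size, length, rate):
    """On average the right guess turns up halfway through the search."""
    return worst_case_seconds(alphabet_size, length, rate) / 2

# Common look-alike substitutions, undone before the word lookup.
LOOKALIKES = str.maketrans({"@": "a", "4": "a", "0": "o", "1": "l",
                            "!": "i", "3": "e", "$": "s", "5": "s", "7": "t"})
WORDLIST = {"android", "police", "password", "dragon", "monkey", "letmein"}

def dictionary_words(password, words=WORDLIST):
    """Return the dictionary words the password is built from, or None."""
    text = re.sub(r"[^A-Za-z]+$", "", password)      # drop a trailing "123!" style suffix
    text = text.lower().translate(LOOKALIKES)

    def split(rest):
        if not rest:
            return []
        for end in range(len(rest), 0, -1):          # prefer the longest word first
            if rest[:end] in words:
                tail = split(rest[end:])
                if tail is not None:
                    return [rest[:end]] + tail
        return None

    return split(text) if text else None

if __name__ == "__main__":
    for label, size, length in [("4-digit PIN", 10, 4),
                                ("6 lowercase+digits", 36, 6),
                                ("8 mixed with symbols", 94, 8)]:
        print(f"{label}: {worst_case_seconds(size, length, SLOW_RATE):,.0f} s slow, "
              f"{worst_case_seconds(size, length, FAST_RATE):,.0f} s fast (worst case)")
    for pw in ["@ndroidPo1ice", "P@ssw0rd123", "x7#Qm2!vLp"]:
        print(pw, "->", dictionary_words(pw) or "no dictionary words found")
```

A password that decomposes into listed words should be treated as weak regardless of how large its raw character keyspace looks.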
Cracking passwords
Hackers can also exploit the way passwords are stored by internet services. Businesses do not keep a list of plain text passwords on file, because user data would be exposed if they did. Instead, they store passwords using a special kind of one-way transformation called hashing. The goal is a function that quickly changes a password into a new value so that it is challenging to infer the old value from the new value.
Since businesses started utilizing these algorithms, hackers have been hard at work devising strategies to break them. Some, like SHA-1, have been so thoroughly cracked that the original password may be found by performing a straightforward Google search on the transformed value. Others can be broken with brute force in a matter of hours by renting time on AWS.
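The storage weakness described above, shown from the service's side as an added example (not code from the original article). It contrasts an unsalted SHA-1 value, which can be looked up in a precomputed table, with a salted PBKDF2 value; the iteration count and the short list of common passwords are assumptions made for this example.

```python
# Added example: fast unsalted SHA-1 versus a salted, deliberately slow hash.
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 600_000   # assumption: work factor picked for this example
COMMON_PASSWORDS = ["123456", "password", "letmein", "qwerty"]  # constructed sample

def sha1_unsalted(password):
    """Weak storage: the same password always produces the same value."""
    return hashlib.sha1(password.encode()).hexdigest()

# Anyone can precompute values for common passwords once and reuse them,
# which is why a leaked unsalted SHA-1 value can simply be looked up.
PRECOMPUTED = {sha1_unsalted(p): p for p in COMMON_PASSWORDS}

def found_in_precomputed_table(stored_hex):
    """Return the password if the stored value is a known one, else None."""
    return PRECOMPUTED.get(stored_hex)

def store(password):
    """Stronger storage: random per-user salt plus many PBKDF2 iterations."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, digest

def verify(password, salt, digest):
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return hmac.compare_digest(candidate, digest)

if __name__ == "__main__":
    print(found_in_precomputed_table(sha1_unsalted("letmein")))   # looked up instantly
    salt_a, digest_a = store("letmein")
    salt_b, digest_b = store("letmein")
    print(digest_a != digest_b)                    # same password, different stored values
    print(found_in_precomputed_table(digest_a.hex()))
    print(verify("letmein", salt_a, digest_a), verify("letmeln", salt_a, digest_a))
```

Because each stored value depends on a random salt, a table built once cannot be reused across users, and the iteration count makes every individual guess expensive.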
The remark
How can we be certain that our passwords are secure? Looking at current password requirements from financial institutions is a decent rule of thumb. For instance, your bank might demand passwords with at least eight characters and at least one each of an uppercase letter, a lowercase letter, a number, and a symbol. So our earlier example, @ndroidPo1ice, meets all the criteria.
Longer, more complicated passwords are the answer to these issues. But this creates a fresh issue. The majority of us have numerous accounts, and 50 passwords for 50 services is more than we can handle. A kind of compromise is the ideal course of action. When it comes to using different passwords for different websites, focus on the crucial ones that manage access to your money (Amazon, PayPal, Venmo, and bank accounts), and use a more straightforward password for your less significant accounts (Spotify, TikTok, Discord). In this manner, the risk to your most important accounts is reduced in the event that your password is disclosed in a data breach.
There's no need to keep track of every password you use.
Once you've created a strong password that can withstand common hacking attempts, you'll need a way to remember it along with the dozens of other passwords that are currently safeguarding your online accounts. Writing it down is one method. Some people keep their passwords in a special notepad, which is a good idea because it can't be hacked. This method has two drawbacks: first, you need the book nearby for it to work, and second, if you lose the book, you lose all your passwords and may have accidentally handed them to someone else if they can figure out which accounts belong to you.
There are basically two options available when looking for a digital password management solution: cloud and local. With a cloud solution, your credentials are stored on a cloud service's servers and are accessible from any location and device. You just need to remember one password when using a service like this because the online password manager will handle the rest. The disadvantage is that you must rely on a third party to protect your passwords. If they are hacked, you will be too.
A local solution is the other option. If you don't trust a third party with the security of your passwords, download software that lets you manage your login information from your desktop or phone. This is the digital-age equivalent of the pen-and-paper solution. Instead of a notebook you keep at your desk, your passwords are kept in an encrypted file on your computer. Local password managers have the limitation that they only work on the device you're currently using.
The fact that they frequently create a secure password for you is one advantage of using password managers. Your needs and personal tastes will determine which is best for you, but some are superior to others.