Today I want to talk about creating strong passwords, because this is the first and one of the most important steps to secure your online activity. Let's figure out how to create passwords that are strong and hard to crack.
🔐Password length. The longer the password, the harder it is to crack. I recommend using at least 25 characters and avoiding obvious combinations like your date of birth, your pet's name, etc.
🔐Special characters. Use lowercase and uppercase letters, numbers, and special characters for greater complexity. Or use passphrases of at least 6-7 words. This is enough entropy to protect your accounts.
Example password: "MnV&aoM3xnQu!4Cm#n%792tgF!GD7f4ec^$"
Example passphrase: "causing-bakery-landmass-thermal-oversleep-skipping-recycled"
🔐Uniqueness. Obligatory rule - different passwords for different accounts. The password must never be repeated. Many people neglect this rule.
How do you create such passwords and not forget them? It's simple - password managers. These are programs that generate complex passwords and store them in an encrypted form, so that nobody but you can access them. The only password you need to remember is the password for the password manager itself. It too should be complex enough, but in a way that you will remember it.
I recommend using open source password managers such as KeePassXC or Bitwarden. By no means use password managers built into your browser, and do not use popular ones like 1Password or LastPass. These companies have been hacked, plus they have closed source code.
KeePassXC is a completely local password manager. That is, it creates an encrypted database offline. And then you can move that database between devices.
Bitwarden (I use it) is a cloud-based password manager. The database is encrypted offline on your device and transferred already encrypted to the cloud, so you can conveniently sync between devices.
We recommend that you change your passwords at least once a year for important accounts.
*Bonus. A service where you can enter your email address and check if your passwords have been leaked and in which services - haveibeenpwned.
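To put numbers on the length and entropy advice above, the following is an added example, not part of the original post or of any password manager's code. It generates a 25-character password from the operating system's CSPRNG and compares the search space of several schemes. The 7776-word list size (the size of an EFF-style long diceware list) and the attacker rate of 10^12 guesses per second are assumptions.

```python
import math
import secrets
import string

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)
ALPHABET = "".join(CLASSES)          # 94 printable ASCII symbols
WORDLIST_SIZE = 7776                 # assumption: EFF-style long diceware list
GUESSES_PER_SECOND = 1e12            # assumption: fast offline attack rate
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def generate_password(length=25):
    """Return a password drawn from the OS CSPRNG with every class present."""
    if length < len(CLASSES):
        raise ValueError("length too short to include every character class")
    while True:
        # secrets.choice is uniform and unpredictable; random.choice is not.
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        # Rejecting candidates that miss a class costs a fraction of a bit
        # at 25 characters, so the estimate below stays a close upper bound.
        if all(any(ch in cls for ch in candidate) for cls in CLASSES):
            return candidate


def entropy_bits(choices, picks):
    """Entropy of `picks` independent, uniform draws from `choices` options."""
    return picks * math.log2(choices)


def years_to_exhaust(bits, rate=GUESSES_PER_SECOND):
    """Worst-case years to try every candidate; the average is half of this."""
    return 2 ** bits / rate / SECONDS_PER_YEAR


def compare():
    """Map each scheme to (entropy in bits, worst-case years at the assumed rate)."""
    schemes = {
        "8 random characters": entropy_bits(len(ALPHABET), 8),
        "12 random characters": entropy_bits(len(ALPHABET), 12),
        "25 random characters": entropy_bits(len(ALPHABET), 25),
        "7-word passphrase": entropy_bits(WORDLIST_SIZE, 7),
    }
    return {name: (round(bits, 1), years_to_exhaust(bits))
            for name, bits in schemes.items()}


if __name__ == "__main__":
    print(generate_password())
    for name, (bits, years) in compare().items():
        print(f"{name:22} {bits:6.1f} bits  {years:.3g} years")
```

These figures hold only for secrets chosen uniformly at random; a human-chosen password of the same length has far less entropy than the table suggests.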
Password managers are a hard requirement nowadays. All passwords should also be generated randomly.
Remembering passwords and re-using them is a big "no no" for any person (tech savvy or not).
reply
Wow. I was just about to write a similar article on the subject. You beat me to it)
It's a great topic. I think we need to talk about these things more often. People often don't even think about it.
reply
I use those too (KeePass and Bitwarden). I even have a copy of that KeePass database on an encrypted USB (hidden in a safe place). Double protection. Even if I lose that USB or it is stolen, there's no way to get the passwords inside. At least for 150 years, enough time to change them or for them to become obsolete.
reply
How often do you have to update the base on the USB drive?
reply
Not so often, it's just an additional copy, but yeah, it needs to be updated regularly if you change the content a lot.
reply
It is the eternal competition between convenience and security. In most cases, people prefer the former.
reply
Very informative, thank you. I have used Bitwarden for a while.
reply
I'm glad you liked it.
reply
This is great, thanks for the post.
reply
You're welcome)
reply
I just keep it simple. It is the same password as my luggage.
reply
25 characters seems like a bit much
reply
Why? Passwords of 8-12 characters are already quite possible to crack in a reasonable time. 25 characters or more is a good option, especially since security is not redundant.
reply
What are the odds of brute forcing a 12 character password using UC, LC, numbers & special characters?
reply
Here's an example from Bitwarden. With today's level of technology, it's quite realistic to hack with the brute-force method.
reply
Right...
For some reason I thought it would be much more difficult than that.
Thanks for letting me know
reply
This is a good reason to update your passwords)
reply