A recent article on CNET discusses this year’s “25 worst passwords of the year” list, with the top 3 unchanged from last year: “password”, “123456” and “12345678”. However, new entries to the list such as “Jesus”, “password1” and “welcome” show that on the whole, people still aren’t getting to grips with the fact that these kinds of passwords are easily crackable.
Making a strong password is not difficult, and requires only a tiny bit more effort. A password that is easy to remember doesn’t necessarily have to be easy to guess. Language learners can use words from several languages to frustrate password-guessing attacks, which work through a dictionary of words or every combination of numbers until they gain access.
From the article:
Security experts suggest picking long passwords (the longer, the better) that include as many different characters as possible while excluding anything that can be personally linked, such as birthdates or names of relatives. Choosing passwords that include words found in common dictionaries is also discouraged.
However, the popular nerd- and math-based webcomic XKCD has its own take on making memorable yet strong passwords. Comic creator Randall Munroe muses, “through 20 years of effort, we’ve successfully trained everyone to use passwords that are hard for humans to remember, but easy for computers to guess”. His solution is the opposite of that of the security experts above, and uses math to form a password that is easy to remember but has enough entropy that it will take centuries for a computer to guess: use 4 common yet unrelated words, and remember a situation that involves all 4 of them. His example, “correcthorsebatterystaple”, is a much stronger password than “Tr0ub4dor&3”, even if it seems like it wouldn’t be.
I sometimes use a combination of common English and Chinese words for my passwords – they’re certainly memorable to me, and I’d be very impressed if there was an algorithm out there that could guess them!
Still, maybe if computers could take some of the Chinese lessons Miami has to offer, they might have the required vocabulary…
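The arithmetic behind the four-word scheme and the mixed-language idea above, as an added example (not code from this post, CNET or XKCD). It goes slightly beyond the text by comparing what a second language adds against what a fifth word adds. Assumptions: a 2048-word list per language, an attacker making 1000 guesses per second, and small constructed sample vocabularies.

```python
import math
import secrets

# Constructed sample vocabularies (assumption); real lists hold thousands of words.
ENGLISH = ["correct", "horse", "battery", "staple", "river", "candle", "orbit", "man"]
CHINESE = ["mao", "shu", "shan", "yue", "cha", "feng", "xue", "man"]  # pinyin; "man" overlaps


def merge_wordlists(*lists):
    """Union of several vocabularies, de-duplicated, original order kept."""
    return list(dict.fromkeys(w.lower() for lst in lists for w in lst))


def generate_passphrase(wordlist, n_words=4):
    """Pick words uniformly with a CSPRNG. The entropy figures below only
    hold for random picks; words a person chooses are far more predictable."""
    return [secrets.choice(wordlist) for _ in range(n_words)]


def entropy_bits(pool_size, n_picks):
    """Entropy of n independent uniform picks from a pool: n * log2(pool)."""
    return n_picks * math.log2(pool_size)


def years_to_exhaust(bits, guesses_per_second):
    """Time to try every candidate in a search space of 2**bits."""
    return 2 ** bits / guesses_per_second / (365.25 * 24 * 3600)


def report(label, pool_size, n_picks, rate):
    bits = entropy_bits(pool_size, n_picks)
    print(f"{label:<32} {bits:5.1f} bits {years_to_exhaust(bits, rate):12.1f} years")


if __name__ == "__main__":
    pool = merge_wordlists(ENGLISH, CHINESE)
    print("sample:", " ".join(generate_passphrase(pool)), f"(pool of {len(pool)} words)")
    rate = 1000  # guesses per second (assumption)
    report("4 words, one 2048-word list", 2048, 4, rate)
    report("4 words, two languages (4096)", 4096, 4, rate)
    report("5 words, one 2048-word list", 2048, 5, rate)
```

Doubling the vocabulary with a second language adds one bit per word (44 to 48 bits for four words), while a fifth word from the same list adds eleven.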