Passwords are part of our everyday life. Not a day goes by without us entering a password to log into an account. A complicated password makes for a secure password.
In the beginning, when the Internet was still new territory, our passwords were incredibly simple. Passwords like "1234" or with our name were the norm. Nowadays this does not work anymore.
If you want to create a secure password, it should not contain any personal information.
On this page
How do hackers crack your password?
Using the same password for many years is a sign that the password is compromised. Usually stolen passwords and usernames end up on the black market. There is a real market for buying and selling passwords. Therefore, you should use a strong password, change it twice a year and do not use it for multiple accounts.
- Brute force attack
Hackers can use certain programs to crack your password. These programs try every possible combination until they find the right one and crack your password. Although it may sound like it, it’s by no means strenuous. The program does all the work and the hackers just have to wait for it to finish.
Some programs can check up to 100 billion passwords per second, so it’s hard for your password to stand up to them. If you want to create a strong password, you need a long password. The longer the password, the better.
Brute force attacks do not follow any deeper strategy. In such an attack, every letter, number and symbol will be tried in order to crack the password.
- Dictionary attack
A dictionary attack is different from a brute force attack because there is a bit more planning involved. Most of the time, the program tries words from a dictionary to crack the password.
So, when creating a password, the length and content matters. If your password is "schwarzercomputer77", it is easy to crack it. However, if you use a password like "schwarzerbergcomputerineinemauto4190281", we are already getting closer to the matter.
- Phishing
You have probably heard of phishing and have received phishing emails yourself. Senders of phishing mails usually use a certain tactic: they write mails like "You have won a car!" and then redirect to a page of your car dealer.
It is also common to receive emails like "There are problems with your bank account" and by clicking on the link you are supposedly redirected to your bank’s site. It’s all a trick to make you click on the link and enter your password on a wrong page, which the sender then reads out.
- Reuse of login data
If hackers crack your password, they will first try to use it for other accounts. Let’s assume that you use "blackcomputer" as your password and just a different number at the end for each account. Hackers may notice this and try to hack other accounts by combining them with other numbers.
What is a strong password?
Computers are so powerful and complex nowadays that passwords must meet many rules and also be very complex to be secure. Now that you know how the hackers crack your password, it’s time to figure out how to get around it.
You can create a secure password by avoiding any personal information in the password. Moreover, a strong password is always unique and complex.
How to create a strong password?
Below, we’ve compiled a list of important factors to look out for when creating a strong password. In it you will also find examples of good passwords.
- A complex password is difficult to crack
A password should consist of at least 16 and at most 64 characters. It should be a mixture of upper and lower case letters, numbers and special characters. Use symbols like "!#@&" as often as possible, they are easy to incorporate into passwords.
- No personal connection
You should try to make the password as random and impersonal as possible. If your name is Johanna Mayer and you were born in 1994, the password should never be "JohannaMayer94"!
The password should never have an obvious personal reference. Especially not if the e-mail address is [email protected], because then hackers will already find a large part of the password in the email address; this is almost as easy as using "password" as a password.
- A long sentence as a password makes for a secure password
If you want to avoid hackers finding out your password, use long phrases like "[email protected]". This sentence is not necessarily linked to information that could be found out about you on the Internet or with ease. For this reason it is a strong password.
In the example we have written that we live in Berlin and ride our bikes to work, where we are from 9 am to 4 pm. You can also use a random city like New York if you prefer.
It is very difficult for a hacker or a computer program to crack this password. Again, you can easily remember it because it is a sentence. However, remember not to use the same password twice.
- Change your password regularly
Let’s assume you have now created a strong password. Now you need to create some rules to make sure that you change your password regularly, making it harder to be hacked.
Many B2B login services implemented security rules years ago that notify you when it’s time to change your password. But for other online services you have to remember it yourself.
Change your password at least twice a year and create a notification in your calendar to do so. This will undoubtedly give you a secure password. If you use 2-factor authentication and thus have some additional protection, you can also extend the period until the password is changed.
- Do not reuse old passwords
Avoid reusing old passwords; any new password should really be one hundred percent new. By constantly changing your password, you nip all efforts of a hacker in the bud.
Imagine that you never change the password of your e-mail account. In all this time there was only one password that the hackers had to crack, a password that never changed. However, if you change it every now and then, hackers will have limited time to try to crack the password.
This is why banks all over the world change the access codes for the safes on a daily basis, as this makes it almost impossible to find out the codes through a hacker attack.
Good password – examples
Now a few more examples of a good password. However, do not use it literally.
- Passphrase
Use a passphrase (long password made of several words) like from the example "[email protected]". You can also make it a little harder and write the passphrase backwards. This is how "Ilikemykitchen" becomes "kitchenwhichIlike". This is a strong password and is easy to remember, you just need to write it down backwards.
- Abbreviations
Another example of creating a secure password is with abbreviations. For this, use a quote from Shakespeare’s Hamlet: "S1orNotS1_ThisIsThe?".
The English original "2BorNot2B_ThatIsThe?" is a very well known password of this type. There are many abbreviations you can use for such passwords: for example "N8" for "night" or "4" for engl. "for".
- Sentence method
Strong passwords can also be created using the sentence method. For this, take a sentence like "IchmagmeineweisseKuchedieicheinBerlinhabe.". Now use the first two letters of each word and have the password "IcmameweiKudiicinBeha". Associated with symbols and numbers you have an extremely complicated and strong password.
Do not tell your password to anyone!
It is important that you keep your new and extremely secure password to yourself. You can never know if a person you trust will accidentally give the password away somewhere.
Another tip is password managers. However, if you want to avoid them, you can also make a simple rule that you always add some text or change some values. For example, add a number to the end of the password and each time you change the password, increase the number by one. Thus you have practically a history for your password.
You should also never send passwords via text message or email to the. If you must share a password with someone, call that person and spell it out. If there really is no other way, write it down on a piece of paper, but never in your computer or cell phone.