Choose a Secure Password! Is Your Take On How To Set a Secure Password All Wrong?
The online world runs on passwords. Yet, most of us don’t yet know what kind of password really gives us the best security. This is a little primer on the latest in passwords.
Judged on their own merit, passwords are a great way to secure an online account. The people who use passwords, though, are the weak link in the chain. According to a report published by the antivirus vendor McAfee, three out of four people online use one password across all their accounts. Anyone who gains access to that one password has access to every one of their accounts. While recycling passwords does make your account more vulnerable, there are worse password problems.
All these years, people have been coached by every website they sign up to that they need to set up a mix of numbers, letters and special characters to create a strong and uncrackable password. According to Intel’s Password Day password contest, though, these traditional password creation tips have had it wrong all along.
The complex passwords that the traditional tips recommend usually only help secure your account if the hacker gives your account personal, one-on-one attention. This rarely happens to people who are not wealthy. Most regular people are attacked with automated tools that access thousands of accounts online at a time and try to crack them the brute force way – they automatically try millions of possibilities.
Since these tools simply try every possibility available, using a mix of special characters, numbers and capital letters doesn’t help you – sooner or later, your password will fall to such a tool if it keeps trying.
What kind of password then really secures you?
What Intel and McAfee recommend is simple – when your problem is fighting the automated password crackers, you need passwords that are long; not ones that are complex.
By this idea, a password to your online banking account that goes “I love money in the bank” would be far safer than something like “d@V351985” since it has 10 extra characters. It would take an automated password cracking tool more than a year to crack it.
While these rules for password safety can be very useful, Microsoft has new plans for the humble password. Many Windows 8 users aren’t even aware that they now have access to new password technology called picture passwords (you can check out Microsoft’s article called Signing in with a picture password on the MSDN blog).
Owing to Microsoft’s size, the directions in which the company decides to take the personal computing experience usually become the worldwide standard.
Picture passwords aren’t actually passwords that are pictures. These are quite like the gesture-based passkeys that smartphones use. On those devices, you mark a gesture out on a matrix of nine dots laid out on the screen. Windows picture passwords are the same, except that you scratch your gesture out on a picture rather than on dots. On the example photograph on the Microsoft website, they show you how you might do this on a family picture with four people. You start on the face of one person and trace a line going from one face to another.
Password experts wonder, though, if gesture-based passwords are only meaningful for mouse-based computers. There could be times when one could look at a user’s greasy finger marks on the screen of a phone or tablet and find out what points it touched.