How to choose the most secure password possible

mobfant

While this has probably been covered on the forum, I saw this article a few days ago, and it goes into great detail as to how to set the strongest password. It's based on an analysis of one of the main commercial password 'hacking' programs and shows in what order the program attempts to break passwords, from easiest to hardest.

http://www.wired.com/news/columns/0,72458-0.html?tw=wn_index_3

You can also test the strength of your password at sites like this one, but if you're worried, then just enter a similar style password rather than the one you actually want to use.

http://www.securitystats.com/tools/password.php

Beebe

Your first link doesnt work!?

PennywiseCat

I used to work at a place, wont name it but it was a small independant finance company, your password had to be a minimum of 20 charactors containing uppercase, lowercase, letters and numbers and not letters and numbers, so people had passwords like

DftOI876wERj&*sW;5Gh

And they expired every 14 days and you had to get another one, it was that bad people were writing them on post it notes stuck to thier monitors. Very secure!

Dennis99

https://www.grc.com/passwords.htm

greyteam1959

Mmmmmm thats nearly as bad a writing your PIN number down on a piece of paper in your wallet / purse.
Unfortunately people specially the elderly (!!!) dont realise that you can easily change the PIN that they give you to something more memorable.

moonrakerz

You can buy books of random numbers and random letter combinations. I would think that combining one of each from these two books would be fairly difficult to "guess".

Don't try making up random numbers, because it is impossible to do this - as soon as you start thinking about it, it is no longer random. That is why when you buy three "lucky dip" lottery tickets and you have the same number in all 3 of them, you moan ! These numbers truly are random.

OR, you could use the 32 digit alpha-numeric number on your self assessment tax receipt.

kakariko81280

I use firefox with the password composer extension. It hashes the website's domain name with a master password to produce a strong, site specific password. Doesn't store the password on your computer either so it's fairly safe to use.

Only 8 chars though and it can be tricky to change passwords later on because you never know your actual password.

Darksun

See, the thing is I think passwords can be made TOO secure. A completly random combination of mixed case characters, numbers and punctuation is pretty difficult to remember, so people are more likely to write it down leading to lowered security. What I usually do is take a phrase (none dictionary word) and use my own form of 'l33t speech' (substituting various letters for numbers and punctuation). Some people would argue this could be guessed, but it's pretty safe against dictionary hacks and brute force attacks.

A_Clock

KeePass is good

Richard_III_2

A_Clock wrote:

KeePass is good

I second that. Gets my vote every time.

mobfant

Beebe wrote:

Your first link doesnt work!?

Ah, just read the rules and it was because it was a t i n y u r l link. I've put the original on there now, cheers.