Passwords security

RobM99

Hi all, sort-of banking but not. Anyhow, is it feasible to use special characters like é   √   ½ in a password?

flo22

some companies allow it and some don't, some insist of a special character

Getferret

websites have different “must haves” ie a a capital letter, a number, a special character.  Try using the special characters, the website will advise you what they require.

RobM99

OK thanks, I was thinking more of special characters that don't appear on a keyboard. I'd have thought they'd be a tad more secure.   ß ◙ ì  

400ixl

As stated some do, some (most) won't allow it. It is also unnecessary to create secure passwords.

Using random characters, numbers and special characters in a combination of 12+ characters is suitably strong even for banking. Using a password manager or storing passwords in browser vaults is a good way to use these types of passwords, personally I prefer a password manager like bitwarden over the browser vault.

Billxx

RobM99 said:

OK thanks, I was thinking more of special characters that don't appear on a keyboard. I'd have thought they'd be a tad more secure.   ß ◙ ì  

I doubt it.  "Brute force" password cracking programs will cycle through all the known ASCII characters and other variants.

RG2015

Billxx said:

RobM99 said:

OK thanks, I was thinking more of special characters that don't appear on a keyboard. I'd have thought they'd be a tad more secure.   ß ◙ ì  

I doubt it.  "Brute force" password cracking programs will cycle through all the known ASCII characters and other variants.

Presumably this means that all the known ASCII characters and variants have the same value to a brute force password cracking program. The only benefit would be that it could not be guessed by a person as it spelled out gobbledegook.

On a related issue though, don't banks have a limit to the number of failed attempts, thus rendering a brute force method ineffective?

RG2015

RobM99 said:

Hi all, sort-of banking but not. Anyhow, is it feasible to use special characters like é   √   ½ in a password?

Sorry, I should have answered your question first.

I suspect that the only way to know for sure is to try it and see.

RobM99

I could have   minceπ   at Christmas. I won't though!

Ebe_Scrooge

A good trick for making passwords easy for you to remember but impossible (for a human) to guess is to use a phrase (apologies if I'm teaching granny to suck eggs, but it might be helpful for some folk).  Pick a phrase that means something to you, for example "My dog is called Arthur and he wakes me up at 6am every morning with his barking!"  Take the first letter from each word, giving you a password of "MdicAahwmua6amemwhb!".

Not directly related to the original question I realise - but it's a handy little tip.

[Deleted User]

You could test your password strength online easily enough but a longer one, rather than special characters, is actually far better - I had an old wifi password which was over 50 characters (might even have been over 100) as it was a long sentence. The new router refused to accept it as it didn't have upper case letters and numbers despite the acceptable password being only 12 characters or something silly.

Password123!?

Would take 0.23 seconds to crack 

Yet

mynameisfarfetchandipostonmoneysavingexpertwebsite
 
would take 1 thousand trillion years despite no numbers, capitals or special characters

I tend to use the firefox or google generated ones, usually 16-20 characters of randomly generated letters but you can take something like Sausagedog22!? (16 years to crack) and make it way harder just by putting something on the front unique for each site e.g. MSSausagedog22!? (14 thousand years!) for MSE or HOSausagedog22!? for Hotmail etc - not wonderful to use the same password format but if no-one knows it or the coding convention then it's better than the minimum