Password is no longer Secret?

Recently I have read a blog post on Internet Security about several favorite passwords used online by users. Indeed, passwords are one of the web's most important security tools. Whether it's for your Blogger account, your Amazon account, your online banking or your MSN account, choosing a good password and keeping it safe can go a long way toward protecting your information online.



Hackers have developed a whole range of tools to get at your personal data, and one of the simplest ways to gain access to your information is through the use of a Brute Force Attack. They will systematically try a large number of possible passwords to hack your accounts. And how fast could this be done? Well, that depends on three main things, the length and complexity of your password, the speed of the hacker’s computer, and the speed of the hacker’s Internet connection. Generally it is listed in the table below.

Password Length	All Characters	Only Lowercase
3 characters 4 characters 5 characters 6 characters 7 characters 8 characters 9 characters 10 characters 11 characters 12 characters 13 characters 14 characters	0.86 seconds 1.36 minutes 2.15 hours 8.51 days 2.21 years 2.10 centuries 20 millennia 1,899 millennia 180,365 millennia 17,184,705 millennia 1,627,797,068 millennia 154,640,721,434 millennia	0.02 seconds .046 seconds 11.9 seconds 5.15 minutes 2.23 hours 2.42 days 2.07 months 4.48 years 1.16 centuries 3.03 millennia 78.7 millennia 2,046 millennia

As you can see, hackers can easily compromise your password; especially in the case that you are using a weak password.

Fortunately, it is not hard to create strong passwords and keep them well protected. And here several simple steps provided by Microsoft Security article which I found it useful and worth for sharing:



Step 1:
Think of a sentence that you can remember. This will be the basis of your strong password or pass phrase. Use a memorable sentence, such as "My son Aiden is three years old."

Step 2:
Check if the computer or online system supports the pass phrase directly. If you can use a pass phrase (with spaces between characters) on your computer or online system, do so.

Step 3:
If the computer or online system does not support pass phrases, convert it to a password. Take the first letter of each word of the sentence that you've created to create a new, nonsensical word. Using the example above, you'd get: "msaityo".

Step 4:
Add complexity by mixing uppercase and lowercase letters and numbers. It is valuable to use some letter swapping or misspellings as well. For instance, in the pass phrase above, consider misspelling Aiden's name, or substituting the word "three" for the number 3. There are many possible substitutions, and the longer the sentence, the more complex your password can be. Your pass phrase might become "My SoN Ayd3N is 3 yeeRs old." If the computer or online system will not support a pass phrase, use the same technique on the shorter password. This might yield a password like "MsAy3yo".

Step 5:
Finally, substitute some special characters. You can use symbols that look like letters, combine words (remove spaces) and other ways to make the password more complex. Using these tricks, we create a pass phrase of "MySoN 8N i$ 3 yeeR$ old" or a password (using the first letter of each word) "M$8ni3y0".

Step 6:
Test your new password with Password Checker here. Password Checker is a non-recording feature on this Web site that helps determine your password's strength as you type.


And of course, keep your passwords secret and treat them with as much care as the information that they protect. Don't wait until it is too late for taking any action. To my reader: Please, be safe. It’s a jungle out there.

Referred Links:
http://ecommerze.blogspot.com/2009/02/favourite-passwords-used-online.html
http://elamb.org/good-password-tips-and-password-management/
http://www.microsoft.com/protect/yourself/password/create.mspx
http://financialsoft.about.com/od/softwaretips/tp/Password_Tips.htm
http://www.watchingthenet.com/how-to-create-strong-passwordsand-remember-them.html
http://www.unixnewbie.org/creating-a-strong-password/