Choosing a Password

It has been argued that password systems are not a good way to authenticate, because passwords are either difficult to remember or easy to remember and therefore also easy to crack. So how do we choose a good password? XKCD posted this image suggesting a strategy for creating a password:

[Image: password_strength.png]

This method tries to eradicate the age-old way of creating passwords that are, in fact, almost impossible for us to remember but relatively easy for a computer to crack.

The password suggested by XKCD (although now not a good password because everyone knows about it!) is practically resistant to the brute force approach because, although it is composed of only lowercase letters, it is too long to search exhaustively. The method used to break this password would therefore be a dictionary attack. However, these words would probably not come up in a dictionary together, as they aren’t usually associated with one another.

But what happens when this method (stringing together four words) becomes common practice? An attacker could counter it by taking the top 10,000 English words and trying different combinations of them until the password is found. It is therefore safest to always assume that the password cracker knows the method you are using, so we must include at least one uncommon word that is hard to guess, such as mirth, in the password. This will make it extremely difficult to crack.
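The search-space arithmetic behind the last two paragraphs, as an added Python example that is not part of the original post. The 10,000-word list is the post's figure; the 170,000-word larger vocabulary, the guessing rate and the sample word list are assumptions chosen for illustration.

```python
import math
import secrets

COMMON_WORDS = 10_000      # list size named in the post
UNCOMMON_WORDS = 170_000   # assumed size of a larger vocabulary (illustrative)
GUESSES_PER_SEC = 1e10     # assumed offline guessing rate (illustrative)

def brute_force_bits(length, alphabet=26):
    """Search space, in bits, of trying every lowercase string of this length."""
    return length * math.log2(alphabet)

def known_method_bits(words=4, list_size=COMMON_WORDS):
    """Search space when the attacker knows the word list and the word count."""
    return words * math.log2(list_size)

def with_uncommon_bits(words=4, uncommon=1):
    """Same, but `uncommon` of the words come from the larger list,
    at positions the attacker does not know."""
    guesses = (math.comb(words, uncommon)
               * UNCOMMON_WORDS ** uncommon
               * COMMON_WORDS ** (words - uncommon))
    return math.log2(guesses)

def years_to_exhaust(bits, rate=GUESSES_PER_SEC):
    """Time to try the whole search space at the assumed rate."""
    return 2 ** bits / rate / (365.25 * 24 * 3600)

def generate(wordlist, words=4):
    """Pick words uniformly with a CSPRNG; the bit counts above only
    hold when the words are chosen this way, not by a human."""
    return [secrets.choice(wordlist) for _ in range(words)]

if __name__ == "__main__":
    # Constructed stand-in list; a real list would hold thousands of words.
    sample = ["mirth", "lantern", "gravel", "orbit", "thimble", "quartz"]
    print("example phrase:", "".join(generate(sample)))
    for label, bits in [
        ("brute force, 25 lowercase letters", brute_force_bits(25)),
        ("four common words, method known", known_method_bits()),
        ("one uncommon word, method known", with_uncommon_bits()),
    ]:
        print(f"{label}: {bits:.1f} bits, {years_to_exhaust(bits):.3g} years")
```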

M x


3 comments

  1. Wow. I literally just reset my password and this was the first thing that popped up in my feed. Super weird.

    I’ve actually started to do this as well (without disclosing too much information), but to up your game in terms of password encryption you could start stringing together random words from different languages, e.g. ‘Amomakingdifficultscheissepasswords’.

    Liked by 2 people
