Today security is a major concern. Over the years, standards for passwords have gotten even more stringent with the inclusion of numbers and even symbols in password creation. You might wonder to yourself: Why the trend is steering us towards countless hard to recall, unsequential, and nonsensical sequences? What can I do about it?
Probability: Making Heads from Tails
The answer to the first question lies in the math, specifically probability. Probability is the likeliness of a favored condition occurring under given circumstances. If you flip a coin the chance that it will land on heads is fifty percent for each flip. But what is the probability of flipping a coin and landing on heads eight times in a row? To find this we multiply the probability of the favored event by itself for each flip of the coin. There are 256 possible outcomes without repeating instances, only one is favorable. If we tried to flip sixteen in a row, there are now 65,536 possible combinations.
Now that you have a crash course on calculating this probability, let’s apply that same logic to calculating passwords. Taking into account both lower and upper case characters we have fifty-two unique characters in the English alphabet. Imagine the same scenario playing out with the coin flips, except now the coin has 52 sides. A password using only case-sensitive letters with the minimum requirement of eight characters has 53.4 trillion possibilities. Taking advantage of numbers and symbols as well, a password of the same length has 2.4 quadrillion possible combinations.
Putting the Plan into Action
On paper that sound’s great, but in practice when you mix numbers and symbols with the alphabet soup, a growing pool of passwords becomes increasingly hard to commit to memory. We are only human after all. What if instead of using these unnatural characters we opted to use a longer password instead? The answer might surprise you. If we increase the length of our password to sixteen characters and only allow case-sensitive letters, there are 2.8 nonillion possible combinations. If you are unfamiliar with the term nonillion, it is a ridiculously huge number. For reference, a single nonillion is represented by a 1 followed by thirty zeroes.
You might be thinking: How do I take advantage of this seemingly endless font of security, but still craft a password that is easy for me to remember? The answer is to come up with a string of random words. You might have encountered a similar password scheme before on the bottom of devices such as wireless routers.
Jeep Carter Quartz
Lincoln Tuba Water
Best Practices to Keep Your Password from Becoming Compromised
So at this point, mathematically it should be inconceivable that a password would be brute forced. It is much more probable that a breach would occur due to some form of social engineering or other means of interception.
Social engineering is the means of obtaining confidential or personal information through underhanded tactics such as manipulation or deception. This practice is why you should never use a password containing the name of a spouse or child or any phrase an aggressor would be able to glean from contact with a coworker or insight into your social media. Social engineering is precisely why you should never under any circumstance write your passwords down on a piece of paper on your desk or in a text file hidden away on your computer.
Implementing a system consisting of strings of non-repeating randomized words can prove to be troublesome on its own because of sheer quantities of required passwords in this modern digital age. It is imperative that you do not break the cardinal rule of internet security: Using the same password for multiple logins. In this instance, the repercussions of a security breach would be catastrophic. If there was a data breach of a single infrastructure, the hacker would be able to cross reference your credentials with other services and access your accounts elsewhere. This is why it is best practice not to completely recycle that password.
Avoid Forgetting Passwords While Staying Secure
One solution is to create a cipher. Using this method you can create some variation but retain some semblance of familiarity. In these examples, I have utilized numbers and symbols in order to construct a cipher.
The best solution, if you absolutely have to keep a log of your passwords, is to do so through the use of a reputable password management system, such as KeePass or LastPass. These systems keep your passwords all in one place, but heavily encrypted and are inaccessible without the use of a master password or two-factor authentication.
Hackers also obtain otherwise secure data transmissions by other nefarious means, such as phishing, spoofing, or other malicious software. They pose as seemingly reputable sources, whether it be a website, an email, a network, or programs, in order to obtain sensitive personal data such as usernames, passwords, and even credit card information. It is imperative that you exercise your best judgment when using your credentials online.
- Double check the URL in your browser, before even thinking about supplying your password.
- Utilize a VPN (Virtual Private Network) to encrypt your traffic on the internet when possible.
- Never connect to an unsecured network.
- Remember to log out of accounts after use.
- Never supply anyone with your usernames or passwords.
- Update and scan your system regularly to protect from viruses, malware, and other security vulnerabilities.