25th February, 2019

How to create a complex password and not forget it

For some time now, we have grown used to end-of-year articles listing the most obvious and most used passwords of the previous year (in 2018, “123456” and “password” were again in the top positions). These articles suggest how we could have chosen a less obvious password, one more robust against brute-force attacks: attacks in which one or more computers work together to try all possible passwords until they guess the correct one, known in slang as “breaking a password”.

Most of us already know the best practice of using a password of at least eight characters, with at least one lowercase letter, one uppercase letter and one digit (and a special character, to be fussy). Moreover, the chosen password should never be a dictionary word.

The complexity of these passwords should always be balanced against our memory: they should be complex, but they should also not be forgotten, especially passwords used in a working environment, which should be updated every 90 days.

Unfortunately, our imagination in choosing one of these “unpredictable combinations” is challenged by the fact that computers that can be dedicated solely to breaking passwords are on the market, and they are ever more affordable and ever more powerful. In a few years, even some of our most complex passwords could be broken just a few minutes after their creation.

For this reason, in recent years companies like Google have been working to abolish passwords, which they consider to belong to legacy systems and to be no longer secure.

Until such systems are accessible to everybody, we can adopt some simple tricks to memorize complex passwords. An easy one is to build a complex password starting from a sentence, using only the initial of each word. This trick is simple and easy to use. For example, instead of memorizing a string of random alphanumeric characters, you could memorize something like “Snoopy is the first dog of Charlie Brown”, which would be transformed into “Sit1doCB”. Or even better, “I go to the mountains because it’s less hot” becomes “Ig2tMbi’s-h”, which also includes special characters.
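The initials trick above, combined with the rule list from earlier in the article, as a small Python sketch. This is an added example, not code from the original article: the substitution table (first to 1, to to 2, less to -) is an assumption inferred from the two sample passwords, and the common-password set is a constructed stand-in for a real dictionary. The second sentence is typed with a capital M because the article's result capitalises that initial.

```python
import re

# Assumed word-to-symbol substitutions, inferred from the article's two examples.
SUBSTITUTIONS = {"first": "1", "to": "2", "less": "-"}
# Tiny constructed stand-in for a real dictionary / common-password list.
COMMON = {"password", "123456", "qwerty"}

def mnemonic_password(sentence, substitutions=SUBSTITUTIONS):
    """Build a password from the initial of each word in the sentence."""
    parts = []
    for word in sentence.split():
        word = word.strip(".,;:!?\"\u201c\u201d")
        if not word:
            continue
        if word.lower() in substitutions:
            parts.append(substitutions[word.lower()])
        elif "'" in word or "\u2019" in word:
            # Contractions keep the apostrophe and what follows: it's -> i's
            head, tail = re.split("['\u2019]", word, maxsplit=1)
            parts.append(head[:1] + "'" + tail)
        else:
            parts.append(word[0])  # the case of the initial is preserved
    return "".join(parts)

def policy_gaps(password, require_special=False):
    """Return the rules from the article that the password fails."""
    gaps = []
    if len(password) < 8:
        gaps.append("shorter than 8 characters")
    if not re.search(r"[a-z]", password):
        gaps.append("no lowercase letter")
    if not re.search(r"[A-Z]", password):
        gaps.append("no uppercase letter")
    if not re.search(r"\d", password):
        gaps.append("no digit")
    if require_special and not re.search(r"[^A-Za-z0-9]", password):
        gaps.append("no special character")
    if password.lower() in COMMON:
        gaps.append("dictionary or common password")
    return gaps

if __name__ == "__main__":
    for s in ("Snoopy is the first dog of Charlie Brown",
              "I go to the Mountains because it's less hot"):
        pw = mnemonic_password(s)
        print(pw, policy_gaps(pw, require_special=True))
```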

Even though these passwords still cannot be considered “unbreakable”, at least in 2019 we could finally change our old “123456”.
