How to create a secure password to respond to hackers

Source: Internet
Author: User
Tags strong password

Many people have been stolen network password experience, and the prevention of awareness is not strong is caused by the theft of one of the main reasons, some people use the number string "12345678" as a password, and some people use the English word "password" as a password. In fact, even making some changes to "password", such as writing "P@ssw0rd", is still not a safe password.

Secure Password

  hackers use the brute force to crack software every second can try 8 million passwords, how your password is too simple, cracked it is minutes . Just this Wednesday, professional social networking site LinkedIn's password for more than 100 million users was hacked to sell online.

So, how to guarantee the security of network account? First, check to see if your password is too low, and second, create a password that is easy to remember and not the same for each Web site. Even if a website user password is compromised by a large area, it will not hurt other websites.

  Check for existing password

It is very unsafe to use a simple word as the master password. A dictionary attack can try all the words in one language at a very fast rate, so brute force cracking is also known as the "exhaustive method". The hackers will put the stolen tens of millions of passwords on the dark web to share or sell, and these passwords will be added to the existing password-cracking dictionary. Simple words are usually the first step to be violently cracked.

Take "saxophone" as an example, if it as a password, in English dictionary cracked only a moment of kung fu, even if the initial letter with uppercase (saxophone) will not increase the difficulty of cracking too much. Even the inside of the letter into a number, become "sax0ph0ne", also not a safe password, hackers can break the password within one or two hours. However, adding a number will play a big role, cracking the software may take four days to crack "saxophone1".

Another point to emphasize is that you should never test the strength of the actual password on the web.

  Using long passwords

Network security experts believe that a secure password is at least 12 to 14 characters above. A 14-character password needs to be guessed 811 trillion times to break, and the length is guaranteed to be safe, not complexity. By contrast, a 8-bit password can be cracked in just a few hours.

However, few people use more than 12 digits of the password. This can be understood: long passwords are difficult to remember, and input is troublesome. But this problem is really good to solve, follow the steps below, you will be able to create your own security password.

  Make a password with a sentence

"Saxophone" may soon be cracked, but if changed to "Iplaythesaxophone" (I play sax), it may take two years to crack. A little longer to become "Everydayiplaythesaxophone" (I play sax every day) takes billions of years to crack. Do not understand English words, Chinese pinyin can also play the same effect, such as "Womeitianyanzousakesi."

In order to remember, you can use the movie lines, poems or songs in the sentence to do the password. Maybe you can also change one of the words. In a word, sentences are better remembered than random strings of characters.

  Use different versions of the same password on different sites

The usual advice is to create a different password for each site you log on to.

In the long run, in the site you are logged on to, one day there may be a Web site password database hacked, such as a few years ago, csdn password Disclosure event, or you suffered a phishing attack, leaked a website's account password. If you use the same email and password to register all the sites, the account password for the other sites will also be compromised.

But for most people, it's hard to remember a lot of passwords, and even if you remember them, it's possible to forget which one is the website.

The solution is to add "tags" to each website's password, such as "EVERYDAYIPLAYTHESAXOPHONE@QQ". If you change some of those letters to numbers or symbols, it's safer. Such passwords are easy to remember, and if a website's password is compromised, hackers cannot log in to your other site accounts.

  Be careful with special characters

Many people like to replace "a" with "@" and "O" instead of "0", so that "saxophone" becomes "s@x0ph0ne". The problem is that hackers know that someone is using this method, will change the way to crack, crack "s@x0ph0ne" only less than one hours. A notable example is that the Dutch security certificate provider Niginotar employees use "Production/administrator" (product manager) as the username, using "pr0d@dm1n" as the password, which was guessed by a 21-year-old Iranian student, Eventually led to the bankruptcy of the company.

  Maintain "digital hygiene"

Do not use your dog or cat's name or name variant as your password, and then bask in their photos on social networking sites and name them. The Senior Sustainability Threat (ATP) team searches the Internet for personal information and is used to attack bank accounts. Avoid using passwords that relate to family members and pet names or previous addresses.

  Using password management software

These software, such as LastPass, provide a browser plug-in, the first time you enter a website's account password, it will help you to save the password to its server, which can exempt you from each login to re-enter the account password trouble. When you enter a weak password, it will also remind you to change to a strong password. These software can also generate strong passwords for you.

However, there are some who feel uneasy about the software. What if the master password for the software account is stolen? So that all the other websites ' accounts and passwords are compromised.

  Write the code on the paper.

If you create a long password, but worry about forgetting it, you can write it on paper and put it in a safe place in your home, like a lock in a drawer. This is much safer than keeping it on the computer.

  Worst password list

1.123456

2. Password

3.12345678

4. Qwerty

5.12345

6.123456789

7. Football

8.1234

9.1234567

Baseball

Welcome.

12.1234567890

abc123

14.111111

1qaz2wsx

Dragon

Master

Monkey

Letmein

Login

Princess.

Qwertyuiop

Solo

Passw0rd

StarWars

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.