To explain how to choose a password that is extremely secure and practically impossible to discover even for a talented hacker, you need to make a reverse speech and look at all the mistakes that are made by most people. In reality there is no password that is 100% secure and inviolable (both using brute force programs and guessing with deduction) and there is no minimum number of characters to use.
However, if even the best hacker in the world would take days or weeks to discover our password, unless we work in the secret services, we can say to be sure that 100% anyone who wants to know our passwords will be forced to give up.
In fact, hackers, both good and improvised, are not forced to armored security systems behind which nothing interesting can be hidden, but above all they base their techniques on the ignorance and naivety of people.
Just see the list of the worst passwords of 2015 to find out that most people protect their website accounts with passwords such as: 123456, password, 12345678, qwerty, 12345 and other really trivial ones that are very easy to discover even by "my cousin ".
Even those who do not use these terribly weak passwords must immediately change their password by choosing a more secure one if they have made the following mistakes .
READ ALSO: How passwords are stolen
1) Use short passwords
A password of 3, 4 or 5 characters is too short and has a limited number of combinations that can be discovered with a program that tries them all.
Sure, short passwords are easy to remember, but they don't work and shouldn't be used because there aren't enough variations available to make them safe, even if special characters are used.
2) Any password that is a sequence on the keyboard is no good
If we are using a password, even a long one, which is a series of consecutive keys on the keyboard, this will be very easy for anyone to discover.
For example, 12345, qwerty, asdfg, zxcvb are consecutive keystrokes.
3) Any word found in a dictionary should not be used as a password
Almost everyone falls on this mistake, convinced that they are using a strong password, which is however a common word.
In fact, programs that try to guess passwords definitely try all the words in the Italian, English, French, Spanish, German, etc. dictionary. and they do it so quickly that discovery is child's play.
4) Choosing a common dictionary word as a password, replacing some letters with other similar characters is equally wrong, insecure and easy to find
You can think that a secure password is written like this: or , replacing the I with a 1, the O with a 0, the a with the @ or the and with & etc.
Even these tricks are now too predictable and known to all, easy to identify, immediate to discover.
5) Use popular words even if not from dictionary
Using the name of a singer or a footballer as a password is wrong, the name of a movie as well and also of a football team, a famous person, a fashion and so on.
Just think that among the worst passwords of 2015 there is Star Wars, Eminem, Juventus or Roma1927.
6) Entering dates in passwords is a big mistake .
If you use a password by entering our or our child's birth date or any loved one's, it is better to change immediately.
Anyone who knows us or who can trace these dates can, in fact, easily try them or put them in a brute force program to combine them with other words.
7) Using personal words such as nicknames, dog names, the license plate of the car, the tax code, surnames of people or any even invented word that can be traced back to us is a mistake.
In these cases no hacker technique is needed to find out the password, just try different combinations with these data easy to find knowing the person or even on Facebook.
8) Failure to use numbers or special characters
Random numbers and special characters are essential for making a password secure, without making the mistake number 4, of using characters that resemble letters in common words.
Basically, to choose a secure password that is impossible to discover it is necessary :
- use at least 7 or 8 characters;
- insert special characters;
- make sure that the password is not a dictionary word or a personal date;
According to these indications, a password like Op6s_oHr4M> xt can be considered secure.
This password does not recall any real words, it does not bind anything personal and even a hacker would be forced to include all the keyboard characters in the brute force program and try so many combinations that it would take months even with the fastest computer in the world.
The problem though is: how do you remember such a complex password "> password management program such as 1Password, LastPass or Keepass or use a mental criterion without using programs.
I talked about this in the guide on how to generate strong passwords for web accounts .
If we choose secure and almost impossible to discover passwords with both deduction and hacking tools, there is only one way to rip us off, phishing .
The phishing techniques are those for which, for example, we receive an email asking to connect to the bank or Paypal or Facebook website and change our password for security reasons.
The important thing to be sure is to know that password change requests never come from an email or an SMS or from a Facebook message or from any clickable link on the internet.
Fortunately, on the most important sites there is double verification of the password with a request for a variable code to access, which is received on the phone.
If you are still here and you haven't done it yet, run now to change all the passwords !!!
