4 1.2 default 0.01 700 //www.grovo.com/asset/gplayer/skins/default/watermark.png?v=1 Helvetica, Arial, Sans Serif

Passwords are an important line of defense for company data, but poor passwords can make us vulnerable to clever guesses or to password-cracking programs that are widely available.

The ideal password is both impossible for any other person or a cracking program to guess, and impossible for you to forget.

Both parts are essential.

For instance, a password that is short, or that includes a name, date or other information related to you, or is simply a word found in the dictionary will be easy for you to remember, but can be just as easily broken.

On the other hand, a string of sixty-four random characters would be virtually impossible for even a supercomputer to break, but how likely is it that you would remember? The more complex a password is, including both upper and lower case letters, numbers, and special characters, and the longer a password is, the more secure.

But of these two factors, complexity and length, it's the length of the password that is by far the most important.

For example, let's say your password is six lower-case letters.

You could make it more than five hundred times stronger by mixing in every type of character on your keyboard.

But you can get the same increase in security by adding just two more lower-case letters.

And the longer, less complex password will be easier for you to remember.

Instead of a passWORD, think in terms of a passPHRASE a few words long.

A nonsense phrase like "Detroit Fish Racer" is a very secure password.

At sixteen characters it's literally billions of times harder to crack than a six-character password.

If you can add other types of characters that's even better, and may be required by policy.

But in any case do make your passwords as long as you can easily remember.

Online Security16349What Makes Passwords Vulnerable
lesson111highOnline Security

Video transcript

Passwords are an important line of defense for company data, but poor passwords can make us vulnerable to clever guesses or to password-cracking programs that are widely available.

The ideal password is both impossible for any other person or a cracking program to guess, and impossible for you to forget.

Both parts are essential.

For instance, a password that is short, or that includes a name, date or other information related to you, or is simply a word found in the dictionary will be easy for you to remember, but can be just as easily broken.

On the other hand, a string of sixty-four random characters would be virtually impossible for even a supercomputer to break, but how likely is it that you would remember? The more complex a password is, including both upper and lower case letters, numbers, and special characters, and the longer a password is, the more secure.

But of these two factors, complexity and length, it's the length of the password that is by far the most important.

For example, let's say your password is six lower-case letters.

You could make it more than five hundred times stronger by mixing in every type of character on your keyboard.

But you can get the same increase in security by adding just two more lower-case letters.

And the longer, less complex password will be easier for you to remember.

Instead of a passWORD, think in terms of a passPHRASE a few words long.

A nonsense phrase like "Detroit Fish Racer" is a very secure password.

At sixteen characters it's literally billions of times harder to crack than a six-character password.

If you can add other types of characters that's even better, and may be required by policy.

But in any case do make your passwords as long as you can easily remember.