How to Choose a Good Password

There are two ways that the bad guys of the world can get your password. They can try to guess it, and they can try to "crack" it. Guessing is just what it sounds like. If you tried birthdates, phone numbers, e-mail addresses, pet names, and brand names written on computers, you would get past most of the world's passwords in no time. After guessing, "cracking" is the method of choice for the bad guy. "Cracking" a password means using a computer program to try a list of possible character combinations as the password. The two types of cracking are "Dictionary Cracking" and "Brute Force Cracking." Dictionary Cracking tries each of a long list of words as the possible password. Brute Force Cracking tries every possible combination within a given character set as the password.

Given what we just learned, let's look at some scenarios.

You were clever: you are not using any obvious notion as your password. You have chosen "schools" as your password. An evildoer now has two choices: Dictionary or Brute Force Cracking. Dictionary Cracking is much faster than Brute Force, but it is not a sure shot each time. Since it won't take nearly as long and could be fruitful, the hacker tries it. In about an hour and a half of a computer's time, the bad guy has learned that "schools" is your password. If the hacker had chosen Brute Force right at the beginning, it would have taken about three days, using a letters-only character set. Either way, you've been hacked.

It would have been wiser to add capital letters, numbers and special characters to your password. If your password had instead been "sCHoo!5", the process would have taken upwards of three weeks to complete: long enough to discourage all but the most dedicated of villains, and more than enough time for you to have changed your password to something equally challenging.

So, in summary, choose a password that's hard to guess and hard to crack, and change that password often. A good tip for selecting a password is to take a word or two, like "kiwipencil", and change some of the letters to numbers or capitals, like "K1w1p@nc1L". It's just as easy to remember, impossible to guess, and almost 6000 times harder to crack.
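As an added example (not part of the original Help Desk page), here is a password check that estimates the brute-force search space from the character classes a password uses and flags passwords that reduce to dictionary words once capitals and common character swaps are undone. The word list and the substitution table are constructed assumptions; a real check would load a full dictionary.

```python
import itertools
import string

# Constructed sample word list; a real check would load a full dictionary.
WORDS = {"schools", "kiwi", "pencil"}

# Assumed table of common swaps: typed character -> letters it may stand for.
SUBS = {"1": "il", "!": "il", "5": "s", "$": "s", "@": "ae", "0": "o", "3": "e"}

# Lowercase (26), uppercase (26), digits (10), ASCII punctuation (32).
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def keyspace(password):
    """Brute-force search space: (size of the classes used) ** length."""
    charset = sum(len(c) for c in CLASSES if any(ch in c for ch in password))
    return charset ** len(password)


def dictionary_forms(password):
    """Yield lowercase spellings with the swaps in SUBS undone."""
    options = [SUBS.get(ch, ch) for ch in password.lower()]
    for combo in itertools.product(*options):
        yield "".join(combo)


def is_dictionary_based(password):
    """True if some spelling is one word, or two joined words, from WORDS."""
    for form in dictionary_forms(password):
        if form in WORDS:
            return True
        if any(form[:i] in WORDS and form[i:] in WORDS
               for i in range(1, len(form))):
            return True
    return False


def report(password):
    return {"keyspace": keyspace(password),
            "dictionary_based": is_dictionary_based(password)}


if __name__ == "__main__":
    for pw in ("schools", "sCHoo!5", "kiwipencil", "K1w1p@nc1L"):
        print(pw, report(pw))
    # Letters and digits (62 characters) versus lowercase only (26), length 10.
    print(keyspace("K1w1penc1L") // keyspace("kiwipencil"))
```

The last line compares a constructed letters-and-digits variant with the all-lowercase original; at 10 characters the search space grows by a factor of about 5,945, in line with the "almost 6000 times" figure above.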
