Menu
homeWord

How to come up with a strong password. Brute force method. Why is it important to make them different?

Any person who uses the Internet has probably more than once encountered the need to come up with and set passwords: for logging into email, for account on the forum, for online banking. And in almost every registration form you are advised to come up with a strong password. After all, depending on how difficult your Secret word or phrase, both the confidentiality of your correspondence and the safety of your Money, and the security of your computer in general. The question arises: how to come up with complex password?

How to come up with a strong password

Length. The recommended minimum length for a strong password is 8 characters. It is believed that cracking passwords of 8 or more characters by brute force is too much long process and the chances of an attacker finding such a combination are too small.

Register. Good password must contain both lowercase and uppercase letters.

Special characters. An extremely secure password, along with letters and numbers, also contains special characters. For example #, ~,+, _

In total, the ideal option would be a combination Latin letters upper and lower case, numbers and special characters with a total length of at least 8 characters. For example:

uE_xm932
9203Jb#1
29Rtaq!2

Which should never be used as a password

Never use: as a password or secret word:

  • dates of birth
    The biggest stupidity is to install your own own date birth in the format 12071992 as a password to your VKontakte page, where the same date is indicated in the information :)
  • phone numbers
    A password consisting of your phone number will not be cracked only by the lazy. And here it doesn’t matter how many numbers there are :)
  • names, surnames, animal names
    It's funny when people think magically reliable protection mother's maiden name. ...which the whole yard has known for 50 years :)
  • and of course, all sorts of nonsense like “qwerty123”, “password”, “password”, “********”, “123”, “12345678”, “fyva”, “asdf”, etc. By the way, the leader among secretaries’ passwords is “one”, i.e. one single digit “1” :)

Conclusion

In conclusion, I want to say - do not neglect your safety. Do not use the same secret words for authorization on different sites and services, no matter how complex and reliable they may be. If you have one password for everything, everywhere, then by hacking one site, attackers can gain access to all your online accounts, which means they can see information on yours, use saved credentials in the browser and other information. And remember: there is nothing more permanent than temporary. Therefore, do not be lazy to come up with strong combinations and set complex passwords straightaway- don’t put this matter off for later. Let your information be available only to you! Good luck!

Everyone is well aware of the need for protection confidential information from unauthorized use, but very few users set truly strong passwords. What are our passwords? Research shows that almost 5% of users do not consider it necessary to change the default password “password” set by many programs to any other combination.

The main requirement for a password used to protect access to information is its maximum resistance to hacking. The time taken to gain access to data should significantly exceed the period of use of this data. Even simple brute force can crack the most perfect strong password, but who will do this for several decades?

A password containing 6 characters can be opened in a matter of hours using the simplest programs that simply search through combinations. This easy password. Increasing the length by one or two characters significantly complicates the selection of the treasured combination. Dates of birth or any significant event over the past 100 years are popular among users. But such passwords contain only 365 (days) x 100 (years) = 36500 combinations and can be calculated by any program in a few minutes.

The less meaning a password carries, the higher the likelihood that the data will not fall into the wrong hands. Modern programs do not directly enumerate options, but use databases popular passwords available on the Internet. It is strictly forbidden to use any normal word in any language to block access, since the majority of the population does not use more than 30,000 words in their speech, and running a Russian or English dictionary through a hacking program does not take long.

Who doesn't know the password qwerty or 123456? And 10% of users still use them today. In many office applications for simplicity, generally set the password “1”, less often “2”, which is very convenient for logging into the system, but does not protect information at all. Even the use of specially generated system administrators combinations are nullified by a piece of paper with a written password glued to the monitor.

But if access to the office is difficult for outsiders, then pages on social networks and personal mailboxes when used simple passwords there is no one to protect. Until recently, passwords obtained by typing Russian words using a foreign keyboard layout were popular, but today these options are also used by automatic selection programs.

The result of an almost instant checkpassword strengththere will be a message about the estimated time of account hacking or mailbox:

IN in this case eight months' durability is quite sufficient, but this result can be significantly improved by adding even one extra character. The method of randomly pressing the keyboard is very effective, but your fingers still press on the buttons in a certain sequence. The best option is to use online password generators.

As a rule, they use complex algorithms that exclude the possibility of hacking for a long time. At the same time, you need to come to terms with the idea that if the combination is lost, it will be impossible to recover the password. It is strictly not recommended to use one password for all occasions, since all protected data will become available to third parties if it is stolen or hacked.

For ease of remembering, it is popular to use numbers as a code combination cell phones, but please note that this is a maximum of 100,000,000 pure digital combinations, which are checked by hackers first. However, adding just a few letters significantly increases the likelihood of storing sensitive information.

Regardless of the complexity of the password, it is much easier to steal it or get it for certain reward. People easily trust such information even to unfamiliar interlocutors, which is the main source of leakage corporate information. Often, untimely change of access passwords to mailboxes or corporate databases after the dismissal of an employee leads to the theft of confidential and often secret information.

It is very significant that after hacking a social network page or mailbox, the hacker changes user password to elementary, absolutely not caring about its durability. This allows you to regain control, but the data is usually deleted or stolen. By taking the time to generate a hack-resistant password and storing it securely, you can be confident in the safety of confidential data. Hackers are not omnipotent, they simply take advantage of the negligence of network users. You can read about how they steal passwords

Requiring registration and use of a password to gain access to your account. Email, Internet messengers, Personal Area internet provider, chat rooms, forums, other sites and that’s the minimum. In this article we will try to figure out how to come up with passwords for all these countless services.

When registering on a new website, we often stop and think when we see the password entry field. Almost the perfect way to create a strong password will be generated random password using a special program, such as . But such passwords are difficult to remember, which means they need to be written down and stored somewhere. This option is not suitable for part ordinary users. Even if you use programmatic method creating and storing passwords, some passwords will still have to be remembered.

When creating a password manually, you must follow several rules:

  • Can not use simple combinations symbols and numbers. For example, passwords 123, 321, 123456, qwerty, asdfg and others are not suitable.
  • Cannot be used when creating a password (names of relatives, pets, dates of birth, phone numbers, addresses, postal codes etc.). For example, the passwords Masha, Sasha21, Vasya02071988 and others are not suitable.
  • Do not use passwords that can be guessed from a dictionary of popular passwords. For example, the passwords love, cat, alfa, samsung, mercedes, yasterva and others, as well as their variants and combinations are not suitable.
  • Do not use passwords that are less than 10 characters long.
  • The password must consist of upper and lower case letters, numbers and special characters.
  • When coming up with passwords, use your imagination and don’t think in stereotypes. The computer that guesses your password is good at math, but it can't think or be creative.

There are many ways to come up with a simple and relatively strong password. We will look at one of these methods.

How to come up with a password

The first thing we need to do is come up with a key phrase. The ideal option would be a unique nonsense phrase that is easy to remember. For example: space cockroaches. You can also use phrases from not very popular songs and poems.

  • Recording a Russian phrase in English layout.
  • Write the phrase backwards.
  • Replacing letters with their visual counterparts (“a” - “@”, “i” - “!”, “o” - “()”, etc.).
  • Using the first few characters of each word.
  • Removing paired/unpaired characters.
  • Removing vowels/consonants from a phrase.
  • Adding special characters and numbers.

You can use several of these methods to turn the key phrase into an almost meaningless string of characters. But the ideal option would be to create your own unique method"encryption" of the key phrase.

For example, using several template methods " " you can get the following password:

space cockroaches– use the first 4 characters from each word – kosmtara – write in the English layout – rjcvnfhf – write with capital letters and add special characters and random number– Rjcvnfhf@955

As a result, we ended up with a long and rather complex password that cannot be calculated from the personal information of its owner, but can be easily recovered from memory. Having checked the strength of the password using the service, we get the result “very strong”.

In conclusion, I would like to remind you once again that when coming up with a password you need to use your imagination and the ability to think outside the box. Using this advantage over "dumb" computers, you can create passwords that will be too tough for them.

Hello, my dear readers!

Frightened by “horror stories” that evil hackers can crack the password of anything, the poor little user feverishly begins to go through all his passwords and wonder: will they crack it or not...

At one time I asked myself the question: how to create a strong password for all my services for which I am registered? Is this even possible?

How do burglars operate?

First, let's think about how the hacking process occurs. In general, there are several main ways for an attacker:

  • look at the paper, on which all passwords are written. Surprisingly, many users still keep a sticker glued to their monitor, on which is written the password so treasured by the attacker. As they say, no comments...
  • brute force. Simply put, the usual enumeration of all possible options. How often do we see in films: special program picks up with lightning speed (or not quite lightning speed) required password. In reality, this is practically impossible. If the password is crypto-resistant, that is, it consists of enough large quantity characters and contains capital letters and numbers, selecting it can take a lot of time;
  • receiving remote access to the user's machine and view all necessary information, including cookies and special files administration. Again, movie techniques don't work here.
    Get full access to a specific computer - not like that simple task and requires a certain approach to solving it. If your data is not particularly valuable, it is unlikely that a hacker will waste his precious time on your computer;
  • keyloggers– keyboard interceptors. They are especially often used to gain access to payment information. Fortunately, the famous Kaspersky antivirus has in its arsenal virtual keyboard. So it’s impossible to track keystrokes: there is simply no pressing;
  • viruses. The advice here is this: don’t go where you don’t need it, and don’t download anything you don’t need. And if you download it, install it on your computer good antivirus and trust in his power;
  • concerning mobile platforms , then most often they use either the same brute force or the method of intercepting packets over encrypted network channels.

A few rules for creating a strong password

So it's not all that bad. Nevertheless, almost every one of us has probably encountered the fact that his account on VKontakte or on a forum was “hacked”, or even Odnoklassniki sounded the alarm... As a rule, this happens due to the simplicity of the password itself. There are special programs that already “know” standard sets passwords and generate their variations.

You can, of course, randomly run your fingers over the keys, “generating” a password. Alas, even in this case, the algorithms of hacker programs select everything possible options, albeit not very quickly.

I advise you to permanently abandon passwords that are a repetition of your login. Fortunately, many services do not allow the user to set such a password at all. And here social media use either a number as a login mobile phone, or mail address. This makes life much easier for an attacker.

And God forbid you from the names of animals, children, parents and dates of birth! Such passwords can be hacked by people even from close circles.

Some time ago I used a method that I personally invented. Only later did I find out that I was not the only one so smart. Its essence lies in the fact that some phrase in Russian is invented. For example, “This password is strong.” And then the keyboard switches to Latin layout and the same is entered, but without spaces. It turns out: “”njngfhjkmyflt;ysq”. Is this method a good one? Not really. Smart hacker algorithms have long been aware of this method.

And in general requirements There are only three passwords:

  1. more signs. 8 – good, 12 – even better, 16 – great;
  2. Be sure to use numbers. Moreover, both in the middle and at the end of the password;
  3. alternate between capital letters and regular ones. And exactly the same - in the middle and at the end.

Password generators

I also tried special services - both online and individual applications. Last Pass, for example, or here’s another: RandStuff, Password Generator and a bunch of services with the simple name “Password Generator”.

At first glance, they are all really capable of generating a random set of characters and numbers. But this is only at first glance random. An experienced programmer knows what is truly random generator does not exist, they all work according to certain algorithms. I won’t lie that this is exactly the case, but I suspect two things:

  • knowing by what algorithm passwords are generated, hacker program it will not be difficult to trace this algorithm in the opposite direction;
  • Some of these programs and services, oddly enough, are used specifically for hacking. The generated password is saved somewhere in a cache or in a cookie. And, perhaps, it goes straight to the attacker’s car.

Therefore, it is necessary to use only proven programs with an excellent reputation!

Now the choice is yours: use special programs or come up with complex passwords yourself. But under no circumstances store them on paper. Better create a file and save it on the cloud. Excellent cloud storage By the way, they also provide other services.

Want to know all the computer secrets? How about learning to communicate with a computer on a first-name basis? In this case, you can order a multimedia training course “ Computer genius", everything will be explained there in the most accessible language and - most importantly - they will clearly show how to apply the acquired knowledge in practice.

Be sure to share the link to this material with your friends via social media. networks so that they do not become victims of attackers. Don't forget to subscribe to the blog update mailing list, which will notify you when a new article is edited. Be careful, see you soon!

Sincerely! Abdullin Ruslan

Welcome to the blog site! I have long wanted to write an article about what the password for an account should be so that it would be very difficult to hack it. This article will teach you how to create a complex password. We will look at techniques that will help not only make your password secure, but also not difficult for you to remember.

Now we can no longer imagine our life without the Internet. Almost every site requests registration. The most popular resources are social networks. Every day, millions of users log into their accounts. We risk making a lot of mistakes by sending important data in messages. It’s good to have a complex password for VK or another popular social network, this helps protect yourself from intruders.

Several password complication methods

What should the password be? This question is asked by hundreds of Internet users. Distinguish the following types passwords:

  • alphabetic;
  • symbolic;
  • digital;
  • combined (combination of previous options);
  • register usage.

The first three types do not inspire confidence. It too simple ways create a password. Due to inexperience, we make mistakes and set them up. Okay, this will be a “password” for an account on a forum or other similar place. And, if this is the entrance to a bank office, all your money will be lost. The only thing that saves you is that the security service of such sites has developed a system for rejecting easy passwords.

Letters, numbers and symbols

A combination of letters, symbols and numbers is the most secure type of password. You have to seriously rack your brain to guess it.

Experienced “users” advise beginners to use this particular combination. Also, don't make it too short. Long combination will allow you to keep your data and correspondence safe from third parties.

The main thing is not to use the banal phrases below:

  • "123";
  • "123456";
  • "321";
  • "qwerty";
  • "asdfg".

These and other similar sets of characters from the keyboard guarantee hacking. It’s not just you who come to mind first, but hundreds of people. They will be calculated not even by a special program, but usually by an ill-wisher.

How to choose a password for mail or other type of authorization? This issue is worth tackling on your own. Several more password complication options will help.

Register

Before entering your username and password, you should pay attention to the case sensitivity of some forms. Combining uppercase and lowercase letters will make the password more secure.

When writing a secret word, think about its variety. Alternate capital and small letters one or more at a time. This method will seriously upset online villains.

The most annoying thing is if you forget the order yourself. By recommendation experienced users It’s worth making the first character uppercase, the second lowercase, and then alternating one at a time. This advice It’s better to take note so as not to rack your brains later.

You can do without introducing case features into the “password”, but this is still another method to increase the complexity of the password.

Changelings

The date of birth that any user will remember is the most banal and simplest way. If you play it correctly, it can turn out to be a good option. Using the “reversal”, many have managed to create a winning password that is unlikely to be solved.

The method is based on writing characters in reverse order. Choose any date, for example, when you were born and type the text backwards. If you have the phrase “081978” in mind, then turning it over, we get “879180”. It is quite easy to remember how to write such a password.

Let's consider other more complex ideas. Let's assume that the password is based on your first and last name. We type, already knowing the technique using the register - “PeTrPeTrOv”. Now let’s apply the “changeover” tactics. We use the date, for example, when the user was born - February 21, 1982. Plus we’ll add symbols to everything. At the end we get the following example password - “PeTrPeTrOv!28912012”. The result was stunning, because for the “user” it is simple and easy, but not for attackers.

Check the strength and security of your password using online services:

  • https://password.kaspersky.com/ru/
  • https://howsecureismypassword.net/

Encryption

What should the password be? Let's find out another one great way. Let's look at the principle of encryption. In fact, all the previously discussed methods have something in common with this. Here we will show what passwords are by encrypting phrases.

We take the most meaningless and unique phrase, which will easily remain in memory. Let there be “space cockroaches”. You can use any lines from songs and poems, preferably not very well known.

Then we apply a code to our phrase. Let's look at a few surefire ways:

  • rewriting a Russian word on an English layout;
  • "shifter";
  • replacing letters with symbols that are similar in appearance (for example, “o” - “()”, “i” - “!”, “a” - “@”);
  • removing paired or unpaired characters;
  • dropping consonants or vowels;
  • addition of special characters and numbers.

So, let's think of a few words with meaning - “space cockroaches”. We take 4 letters from each, we get “komtara”. Switch to English language and retype it - “rjcvnfhf”. We complicate it by starting the cipher with capital letter and adding symbols.

This is what the password should be, using the example of the originally conceived phrase - “Rjcvnfhf@955”.

A reliable combination has been invented with big amount characters. The strength of the password is checked using special services, for example, passwodmetr.com. The combination, as we were able to do, was not easy for the scammers to guess, since the user’s personal data is not involved. But for the “user” such a “password” is a godsend, since remembering such a reliable password will not be difficult.

Generator

For those who do not want to spend extra time thinking, developers have long invented complex password generators. This method provides some degree of reliability. The best ones are still considered to be “passwords” invented by one’s own mind.

What is a generator and how to use it? This smart program, which displays random passwords - completely random combinations. He uses many of the methods discussed, but does not take into account “turnovers”.

The complex password generator is downloaded from the Internet. For example, let's take "keepass". Like any other generator, it is not difficult to operate. The application and the generation itself are launched by pressing special button. After the operation is completed, the PC issues a password option. The only thing left to do is to enter the resulting combination in unchanged form or with additions.

Difficult passwords created by the iron friend are very difficult to remember. Rarely does anyone keep them in their mind; more often they have to be written down. There are usually a lot of passwords, because we don’t sit on one site and constantly register again and again on other resources. Therefore, storing a bunch of such information is not convenient for everyone. You can completely lose all the papers with notes.

There is one way out with storage - print them in a computer file. This is one of the most reliable cases. You just have to remember that the PC system does not last forever and also becomes unusable.

All methods for creating complex passwords have already been discussed above and you can create a password for Email, which will reliably protect your data from third parties.

I present to your attention a few necessary advice for creating passwords:

  • don't mention personal information about the user (names of relatives, names of pets, phone numbers, addresses, dates of birth, etc.);
  • You cannot use the Cyrillic alphabet in your password;
  • do not use phrases that can be easily calculated using a dictionary of popular passwords (yaster, love, alfa, samsung, cat, mercedes and other similar ones, as well as their other derivatives and combinations);
  • take into account the length of characters - preferably at least 10;
  • complicate the password using a combination of various methods - capital and lower case, numbers, symbols;
  • do not use the most frequent passwords– templates, think original (a robot that calculates your password cannot be as smart as a human).