In a previous article, I outlined four types of passwords you shouldn’t create unless you want your account hacked. Given how valuable your passwords are, it’s important that they be secure, yet not too hard to remember. Not only do passwords protect your e-mail account, your social media accounts, and any web services you use, but also many accounts linked to your credit card, such as your Amazon, eBay and PayPal accounts.
Here are four tips showing how you can create secure passwords:
Tip #1: Size Matters
With passwords, bigger is better. With the power of todays computers, a 6-character password can be cracked easily using “brute force” techniques (where a computer simply tries every possible combination of characters) in mere seconds. An 8-character password may take hours if it’s complex enough; 10 characters would take even longer. If you want to be really secure, go for 12 characters or longer. But also make sure that your passwords aren’t of the type that are commonly used, such as those listed on this Wikipedia page.
Tip #2: Variety is the Spice of Life
There are four types of characters you can use in passwords:
- lower-case letters (a, b, c, etc.)
- upper-case letters (A, B, C, etc.)
- digits (1, 2, 3, etc.)
- “special characters,” which include punctuation (. ; ! etc.) and other characters (# * & etc.)
There are 26 lowercase letters, 26 uppercase letters, 10 digits and, depending on the web site, as many as a couple dozen special characters (most sites won’t let you use certain characters).
If you create a password with 8 random digits (that is, numerals only), there are 108 (100 million) possibilities — everything from 00000000 through 99999999. If you use, however, 8 random lower-case letters, the number jumps to 268 (over 208 billion, with a b). With a combination of numbers, upper- and lower-case letters, and special characters, the number of possibilities for an 8-character, pseudorandomly generated password can be in the trillions.
Combine this with tip #1, using a longer password, and see these numbers expand faster than the universe during the Big Bang. Of course, these numbers assume truly pseudorandomly generated passwords. For example, if you were to choose an 10-character password like Password1!, it wouldn’t take long to brute-force crack the password. But a 10-character password like y8E&@.o3Tc — which is just as long and also uses upper, lower, numbers, and special characters — would be significantly more difficult to crack, because it doesn’t incorporate words or predictable patterns.
Tip #3: Create Unique Passwords
The best way to create unique passwords is to generate pseudorandom ones and store them in your password manager—but we’re getting ahead of ourselves; that’s tip #4.
Let’s assume that you need to come up with a password that you’re going to need to type often, so it needs to be memorable, but you also want it to be relatively strong. Here’s an easy way to create unique, memorable passwords that are difficult to crack. You can use a password like this for the user account on your iPhone or your Mac, which is very important: if anyone can get into your phone or computer, they can access your e-mail, your files, and all your personal information.
To start with, try to come up with a short phrase or sentence that will be memorable to you, but preferably isn’t an axiom or anything in any public record like a book. As an example, let’s say you’re a big fan of the Game of Thrones TV series, and you think it’s the greatest of all time (“the GOAT,” as the kids say). You shouldn’t use gameofthrones or a variation thereof as your password, which could quite plausibly be in password cracking dictionaries (databases of known or likely passwords). But your first thought might be to create a password similar to this — please don’t use any of these examples:
gotisthegoat
That’s 12 characters, so it’s fairly long, but it’s all lower-case letters. Let’s throw in a couple of upper-case letters to make it more complex, but not in predictable locations (such as the first letter of the password or a word within it):
gOtistHegoAt
That’s a bit better. But now, let’s spice it up with a couple of digits. These have to still be easy to remember, right? How about this:
g0tistH3goAt
And the addition of even one special character theoretically makes this much harder to crack:
g0tistH3g@At
If something like that is too difficult to remember, you can simplify it a bit. To make it a bit more memorable, let’s just use one capital letter, one digit, and one special character, and add a 13th character on the end for good measure:
g0tistHeg@atz
Again, don’t use these specific password examples. But if you’ve gone through this exercise on your own, you now have a password that is relatively secure while also being memorable. According to the site How Secure Is My Password, the last example above would supposedly take about 2 million years for a single computer to crack—but that seems questionable. After all, computer technology is getting faster, AI is being used to crack passwords, and quantum computing is on the horizon. Even setting aside future advancements, relatively inexpensive technologies are easily available to attackers today, such as cloud computing clusters. GRC’s Password Haystacks page estimates that it would take a “massive cracking array” up to 165 years to crack this password based on today’s tech—a far cry from the 2 million years the other site claimed.
A password like the last example above is also complex enough that an average person watching you type it (an attack called “shoulder surfing”) may have a hard time comprehending what you’re typing, let alone memorize it. So a password like this should be good enough for logging into your computer or your phone.
One downside is that this password is difficult to type, but the next tip explains how to get around that.
Tip #4: Use Your Keychain to Store Passwords, or Use a Password Manager
Even if you have one really secure password memorized, you shouldn’t reuse it for all your web sites and services. This is because of credential stuffing attacks; if one site’s database gets breached, hackers may try to reuse publicly exposed username and password combinations to log into other sites. Since remembering several dozen complex passwords is implausible, you’ll need a secure way to store all those unique passwords. That’s where a password manager comes in.
If you primarily use Apple devices, you can use the Passwords app in macOS and iOS to store passwords. The Passwords app (which leverages Apple’s Keychain technology) is what “remembers” passwords when you enter them in Safari, along with the passwords you use for Mail and other programs. You can also use one of many password managers available (choose one that’s reputable and well-known—but not LastPass). Just make sure that the master password you use for this software is as strong as the example above.
Some password managers give you the option to choose “easy to type” passwords, which is a nice bonus. So, for example, you could generate something like Egad-FIERY6-jesters — which is both longer and easier to type on an iPhone or other digital keyboard than the g0tistHeg@atz example from earlier, and it’s not terribly difficult to memorize if you need to.
The above is the detailed content of 4 Tips for Creating Secure Passwords. For more information, please follow other related articles on the PHP Chinese website!
Best MobaXterm alternative for Mac: Top 6 options to considerMar 06, 2025 pm 05:05 PMMobaXterm is a go-to for remote connections with features like SSH, X11 forwarding, and an integrated terminal. But since there isn’t a version for macOS, Mac users have been searching for solid alternatives. If you’re on the lookout for somethi
![MacBooster Review: Is It Worth It? [Price, Features, Tools]](https://img.php.cn/upload/article/001/242/473/174122917236210.png?x-oss-process=image/resize,p_40)
MacBooster Review: Is It Worth It? [Price, Features, Tools]Mar 06, 2025 am 10:46 AMIObit MacBooster: A Comprehensive Mac Optimization and Security Tool MacBooster is a multifaceted application designed to enhance your Mac's speed, security, and overall performance. It offers a suite of tools for cleaning junk files, providing anti
Ugreen Uno 2-in-1 Magnetic Wireless Charger Review: It Powers Nearly All Your Apple GearMar 12, 2025 pm 09:01 PMApple users rejoice! Wireless charging is convenient, but Apple's official chargers are expensive. This changes with the Ugreen Uno 2-in-1 Magnetic Wireless Charging Station. ##### Ugreen Uno 2-in-1 Magnetic Wireless Charger: A Comprehensive Review
MacStealer Malware: What Is This & How Dangerous It Is for Your macOS?Mar 04, 2025 am 10:28 AMProtecting your Mac from malicious attacks: A guide to preventing MacStealer and similar threats The belief that Macs are immune to malware is a dangerous misconception. With the rise of threats like MacStealer, a macOS malware targeting sensitive d
Best Advanced IP Scanner alternative for Mac foundMar 06, 2025 pm 05:10 PMSay goodbye to Wi-Fi troubles! Recommended best network scanning tools for Mac systems Last week, my home Wi-Fi suddenly became unusually slow, which made me fall into a tech panic. Is the router faulty? Is it a mysterious device that occupies bandwidth? Or is the neighbor secretly downloading the popular game "Stalker 2"? I need to find the answer quickly. At this time, I remembered the Advanced IP Scanner that was commonly used on Windows systems before. But unfortunately, the Mac system does not have Advanced IP Scanner. Fortunately, macOS offers many powerful alternatives that can help you monitor devices on your network, troubleshoot connectivity issues, and even optimize Wi-Fi performance. Let me
Uninstall Office 365 on Mac: How to Completely Remove Microsoft 365Mar 05, 2025 am 11:40 AMFor many of us, Microsoft Office products are vital for work, study, and everyday life. Although you may use Office 365 often, you might have no clue how to remove it from your Mac. It may be that Word keeps crashing ev
Install Python on Mac: What Is the Best Way to Do This on MacOS?Mar 05, 2025 am 10:48 AMPython has become one of the most popular programming languages in the world with its incredible versatility. Whether you plan to build a website or an application yourself in Python, or want to run software that requires Python, you may need to install Python on your Mac. This guide will discuss three of the most popular ways to get Python on your Mac and briefly introduce some alternatives. Does Mac system come with Python? Unfortunately, since macOS Catalina, Mac computers no longer have Python pre-installed, although it is included in older versions of the OS, including Mojave and earlier. if
All iPad generations in order: From 2010 to 2025Mar 07, 2025 am 09:15 AMExplore the Evolution of iPads: A Comprehensive Guide from 2010 to 2024 Embark on a journey through the history of Apple's iconic iPad, tracing its remarkable evolution from its 2010 debut to the latest models. This detailed guide provides a chronol
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
PhpStorm Mac version
The latest (2018.2.1) professional PHP integrated development tool
Zend Studio 13.0.1
Powerful PHP integrated development environment
SublimeText3 Mac version
God-level code editing software (SublimeText3)
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
mPDF
mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),
