Which description of password security is incorrect?

Regarding the description of password security, what is incorrect is that passwords with more than 12 characters are very safe.

A 2010 study by the Georgia Institute of Technology in the United States showed that a 12-digit password is more appropriate. (Recommended Learning: PHPSTORM )

Researchers assume that a skilled hacker can generate a 1 trillion password combination every second, so hackers need to spend 180 years. Cracking an 11-digit password. If the user uses a 12-digit password, it would take a hacker 17,134 years to crack it based on the current level of technology.

We are currently in the Internet era, and we often log into various websites, forums, emails, online banking, etc. This access typically requires account and password verification, so we continually register users with numerous network accounts and passwords. Most people are used to just using a common network username, email address and password to simplify memory. If so, how do I set a password relatively securely on the internet?

Generally, personal password security should follow some simple requirements. Use different passwords for different network systems and use more secure passwords for sensitive systems. Don't use the same password for all systems.

For forums where you log in from time to time, you can set a simple password. For sensitive information, email, online banking, etc., you need to set complex passwords. Don't use the same password for your forum, email, and bank account. The specific setting strategy is as follows:

Arrange your favorite websites, such as large, small, important and regular websites.

Large websites

Large websites are trustworthy and secure websites, such as hundreds of millions of portals (Tencent, Google, etc.). These websites are theoretically is safe. Under normal circumstances, user passwords are not easily leaked and connected. To set up the phone number feature, these websites should not exceed 10.

Small website

Websites other than large websites are small websites that are untrusted. Passwords stored on the website may be leaked at any time, and passwords may be leaked.

Important websites

Core websites related to network usage, such as key emails, online banking, online payment, domain name management, etc. When these websites are hacked, the losses can be huge with the loss of personal property or other website services being attacked.

Personal password security policy

Secondly, classify commonly used passwords: weak passwords, medium passwords, strong passwords

Weak passwords

This is the easiest method to remember, and the default is the forgotten password.

Various small and medium-sized websites, forums, communities, personal websites, etc.

Reason: These websites may not be so safe. Only save some passwords in MD5, some can save passwords in plain text. Hackers can easily steal user passwords from these websites.

Medium Passwords

Medium-strength passwords longer than 8 characters have the ability to prevent fatigue. The

medium password is mainly used for domestic portals, large websites, portals, social networking sites, etc., but is not used in the main mailbox. The portal works best for your mobile number.

Reason: Passwords used on large websites should be stronger because the security of large websites is very good and the possibility of cracking is very low.

Strong Passwords

Strong passwords must be at least eight characters in length, do not contain a username, real name, or company name, and do not contain complete words, Include letters, numbers and special symbols.

Strong passwords are usually used for email, online banking, payment systems, etc.

The above is the detailed content of Which description of password security is incorrect?. For more information, please follow other related articles on the PHP Chinese website!