Thanks to powerful brute-force-attack software readily available online, hackers can try tens of millions of possible password combinations per second. For example, hacking software can guess a five-character password in under three hours. If you only use lowercase letters, it’s 11.9 seconds.
You know you need to have a better password than “password” or “letmein” to have any hope of keeping hackers out of your PC, but what does a “strong” password mean?
A good password should be at least eight characters long — or longer! — and have a combination of uppercase and lowercase letters, numbers and symbols that are hard to guess. Don’t use dictionary words with proper capitalization (like Password123#) because they’re easy to guess. Even though it meets the requirements just mentioned, it’s easily hacked.
Remember, hackers have sophisticated password-hacking software that will run 24/7/365. If you want a quick tip for remembering your password, use a familiar phrase and insert letters and numbers into it: $h@KeNb8ke, for example.
Alan Edwards, CISM, is chief information officer at Computerware, Inc., in Vienna, Virginia.