Thanks to powerful brute-force-attack software readily available online, hackers can try tens of millions of possible password combinations per second. For example, hacking software can guess a five-character password in under three hours. If you only use lowercase letters, it’s 11.9 seconds.
You know you need to have a better password than “password” or “letmein” if you have any hope of keeping hackers out of your PC. But what does a “strong” password mean?
A good password should be at least eight characters long (or longer!), with a combination of uppercase and lowercase letters, numbers and symbols that are hard to guess. Don’t use dictionary words with proper capitalization, which are easy to guess. Even though Password123# and similar passwords meet the length and letter-number-symbol requirements, they pose no difficulty for hackers.
Remember, hackers have sophisticated password-hacking software that will run 24/7/365. If you want a quick tip for remembering your password, use a catchy phrase and insert letters and numbers into it, like $h@KeNb8ke.
Alan Edwards, CISM, is chief information officer at Computerware, Inc., in Vienna, Virginia.