The ideal password

07.09.2017

Passwords are still the best way to protect online accounts and data. And although hackers publish lists with passwords more and more frequently, a password need not be complex to ensure appropriate security for you. Here are some tips.

Longer is better

Ideas on what the ideal password should look like have changed considerably in recent years. Whereas using a complex combination of letters, figures and punctuation marks used to be recommended, now the length appears to be crucial. The longer a password, the longer computers will take to break it. ‘Br0k3n!’ for instance is a lot easier to crack than “ape nut nasty” or another sequence of random words.

Opt for at least 12 characters, but avoid obvious passwords in which your name, place of residence, birthday, etc. occur. A sentence, a question, a line from your favourite song are ideal and easy to remember.

 

Do not change passwords too often

Many companies used to require their employees to devise a new password every so often. Specialists now say you should not do that. People tend to choose for variants of the same password (superman1, superman2, etc.).  “The more often you ask them to change their password, the weaker the password becomes,” says Bill Burr, an authority on computer passwords.  “And because everyone has so many online accounts, we are going to reuse those weak passwords on different systems.”

Using password managers

So it’s best not to do that. Ideally, we should use a different password for each online account. But unless you have an exceptionally good memory, it naturally becomes impossible to remember them all. That is why there are useful tools that help you and can even generate extra strong passwords, such as Last Pass and 1Password.

2-step verification

Lots of websites now also provide an extra security layer in the form of 2-step verification, whereby, in addition to a combination of username and password, you also need access to your mobile telephone.

2-step verification comes in various forms, from sending an SMS with a code to your previously indicated telephone number, to using an app which generates access codes on your specific device. Adding an extra, physical layer to the login procedure, enhances the security of your login data considerably.

DNS Belgium
Security