Is your password strong enough?

I have trouble memorizing things, especially passwords. I have to memorize many passwords for applications on the Internet. However, I believe that I am not the only one with this problem 🙂

How to memorize passwords?

I see the comic above and understand that the most important thing is for a password to be hard to crack and easy to remember. That combination is our goal. Let's open this site, https://howsecureismypassword.net/. You may compare both passwords and will find that the second one takes more time to crack. I do not know how that site calculates the strength of a password, but we can use it to compare each password we enter.

Rule #1 : Length is important. Some advice suggests at least 12 characters. If you can go up to the maximum length of the password field, it is better 🙂

Rule #2 : Use mixture of upper-case and lower cases, numbers and symbols.

Rule #3 : Do not use a single word that is a common word in any language. Are you not sure about it? Please go to the OWASP SecList Project. That project has millions of single common words that can be used to crack your password.

Rule #4 : Change regularly (e.g. every 6 months)

Rule #5 : Do not use a password that you have used recently.

Rule #6 : Not your telephone numbers, username, your spouse's or kid's name and their birthdate, mother's maiden name or anything that someone might associate with you.

Rule #7 : Do not use common substitution (e.g. 4 for a or 5 for s)

Rule #8 : Do not use one password for all accounts, even if it is quite strong.
Once it has been cracked, all your accounts are compromised.. sad..

Rule #9 : You may include the name of the application or service in your password (see my example below).

Let's try to apply those rules. I want to create a strong password for my Facebook account. I like to listen to songs, especially 70's, 80's and 90's songs… I take a song with the title If from Bread. I take this password

Facebook If A Picture Paints A Thousand Words

Rule #1 : Yeah.. there are 45 characters (including spaces).
Rule #2 : Done. I have spaces and combination of upper-case and lower-case.
Rule #3 : Of course it is not a single word.
Rule #7 : Do not use common substitution (e.g. 4 for a or 5 for s)
Rule #9 : I put Facebook 🙂 It makes my password strong as well.

When I try to use https://howsecureismypassword.net, I get 603 unvigintillion years to crack it using a desktop PC.
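The rules above that depend only on the password itself (#1, #2, #3, #5, #6, #7 and #8) can also be checked offline. The following Python function is an added example, not code from the original post or from the site mentioned above; the small word list, the substitution pairs beyond 4 and 5, and the "at least 3 of 4 character classes" threshold are assumptions.

```python
import string

# Constructed stand-in for a real wordlist (e.g. a file from SecLists).
COMMON_WORDS = {"password", "dragon", "sunshine", "football", "welcome"}

# Rule #7: the post names 4->a and 5->s; the other pairs are assumed additions.
LEET = str.maketrans({"4": "a", "5": "s", "@": "a", "$": "s",
                      "0": "o", "1": "l", "3": "e"})
EDGE = string.digits + string.punctuation + " "


def char_classes(pw):
    """Character classes present in pw (Rule #2); spaces count as symbols."""
    classes = set()
    for ch in pw:
        if ch.islower():
            classes.add("lower")
        elif ch.isupper():
            classes.add("upper")
        elif ch.isdigit():
            classes.add("digit")
        else:
            classes.add("symbol")
    return classes


def violated_rules(pw, personal=(), recent=(), other_accounts=(),
                   min_len=12, min_classes=3):
    """Return the sorted numbers of the post's rules that pw breaks."""
    broken = set()
    lowered = pw.lower()
    core = lowered.strip(EDGE)  # "Sunshine2024" -> "sunshine"
    if len(pw) < min_len:
        broken.add(1)
    if len(char_classes(pw)) < min_classes:  # assumed threshold: 3 of 4
        broken.add(2)
    if core in COMMON_WORDS:
        broken.add(3)
    elif {lowered.translate(LEET).strip(EDGE), core.translate(LEET)} & COMMON_WORDS:
        broken.add(7)  # a common word hidden behind substitutions
    if pw in recent:
        broken.add(5)
    if any(p and p.lower() in lowered for p in personal):
        broken.add(6)
    if pw in other_accounts:
        broken.add(8)
    return sorted(broken)
```

An empty list means none of the checked rules is broken; Rule #4 needs the date of the last change and is not covered.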

Now… after reading this.. how strong is your password? The choice is yours…..
