Home-Download software-Creating passwords: how to come up with a strong password. What password to choose

Creating passwords: how to come up with a strong password. What password to choose

In order to reliably protect data on your computer from hacking by intruders, you must always consider options for encrypting information. As a rule, to enter certain sites or use certain applications A password is always used. However, thanks modern technologies Today's hackers are very quick to guess and recognize simple methods encryption. In order not to lose the necessary data and not become a victim of attackers, you need to carefully think through the “password”. In order to figure out how to do this, first of all, it is worth considering the types and methods of encryption.

Types of passwords

Today, the following types of encryption are distinguished:

  • alphabetic;
  • symbolic;
  • digital;
  • combined;
  • using register.

The first 3 categories are considered the most unreliable. If only letters or symbols were used to create a password, then such a cipher is quite easy to crack even with the most basic program. Such “passwords” can be used exclusively on forums or accounts that you are not afraid of losing. The following coding categories are worth considering more seriously.

How to come up with a password: letters, numbers and symbols

The more additional information contains the code, the better. Such ciphers are almost impossible to crack. If the codes use combinations of letters and numbers or different characters, then these are the most complex passwords.

It is also worth considering that the code must not be very short. The fewer characters used in encryption, the easier it will be for attackers. Therefore, a complex password of 8 characters or more signs are considered the best.

If we talk about examples of bad passwords, the worst ones are considered to be combinations consisting of the same repeated numbers or letters. In this case, hacking is guaranteed.

However, many are faced with the problem of choosing the right options complex passwords For mailbox or another method of authorization on virtual resources not so easy. The fact is that many Internet users access a wide variety of portals. If for each of them we come up with separate code, you may end up getting confused. What to do in this situation?

Register

The most complex passwords usually consist of both uppercase and lowercase letters.

However, it is not recommended to use specific words, which can be translated from English or other languages. It is better if it is a chaotic set of symbols, in which some characters will be large and others small.

It is most convenient to remember passwords written using case, if the specific sequence uppercase and lowercase letters. For example, the first character can be made small, the second - large, and so on.

Changelings

In order not to rack their brains about how to remember a complex password, some network users very often use their date of birth as a “password”. Unfortunately, such codes are considered the most unreliable. The fact is that it will not be difficult for attackers to find this information on a social network or other sources. However, this does not mean that this method should be excluded. If you mirror all the characters in the code, you can create a pretty interesting password.

For example, a complex password of numbers “772010” means that the person was actually born on February 1, 1977. However, it is advisable to supplement such a cipher with some other symbols.

Generators

And in order not to rack your brains over how to come up with a password, it’s much easier to use ready-made programs. However, you need to understand that when using such applications there is a risk that they themselves may turn out to be developed by attackers, so it is much better to come up with “passwords” on your own.

However, it is still worth considering what a generator is. This program creates passwords by randomly selecting random combinations of letters, numbers and other symbols. In this case, as a rule, several encoding methods are used at once, with the exception of “reversals”.

This type of program is very small and easy to install. As a rule, they have only 1 button, so even inexperienced user can easily choose the password he likes best and use it.

Such programs usually have internal antiviruses installed that prevent attacks by intruders. However, it is worth considering that the codes will be saved in the program database, so malware may have access to these files.

In addition, after using the generator, many users receive extremely complex passwords that are simply impossible to remember. Some people make the huge mistake of recording this information in a file, saving it on their computer desktop. Doing this is strictly prohibited.

Encryption

This encoding method has something in common with the methods described above. Let's take a closer look at how encryption is done. This is much easier to do using complex passwords as an example.

You can take the simplest but unique phrase that a person can remember quite easily. For example, someone liked the phrase “space oysters.” You can also use any lines from your favorite songs and poems, or just a set of chaotic words that the user likes most.

  • Rewrite all Russian words using the English layout. Based on our complex password example, it should be something like rjcvbxtcrbt ecnhbws.
  • Mirror the phrase swbhnce tbrctxbvcjr.
  • Replace all letters with symbols that look similar to them. For example, the letter "o" can be replaced with "()", and the character "i" can easily be specified as "!" etc.
  • Remove paired or unpaired characters.
  • Remove all consonants or, conversely, vowels.
  • Add additional special characters or numbers.

There is also another way that will help you quickly create the most complex passwords and not forget them. For example, let’s take the same phrase “space oysters.” If you take the first 4 letters of the first word and 4 characters from the second, you get the incoherent word “kosmritsy”. After this, just switch to the English layout and dial this combination again. We get rjcvhbws.

If you complicate the cipher a little and add a capital letter, then in this case the password will be very easy to remember, since the original word is known only to the user himself.

Such combinations are considered the most complex passwords, which are quite easy to remember.

As a rule, many novice Internet users use their address as a login. email. Under no circumstances should you do this, since it will not be difficult for attackers to find out information about a person’s mailbox. Therefore, it is better to come up with some other word. You should also adhere to the following recommendations:

  • When creating passwords, you should never use personal data (for example, last name or first name, as well as the names of relatives or the names of pets).
  • It is not recommended to enter addresses, date of birth and other information that can be easily found on any social network.
  • You should not use those phrases or phrases that are widely used in everyday life by most people.
  • The code length must be at least 10 characters.

How to quickly remember a new password?

To do this, it is best to use some phrases that no one else repeats. Apply quotes famous people not recommended as many people do it.

You can use an automatic poetry generator for this, as well as other poetry services, of which there are a huge number today.

Perhaps there is a word or expression in the family that is rarely used by anyone else. You can simply use Latin letters to write it, and also supplement them with some in significant numbers, which will not be the date of birth.

We often talk in step by step instructions site site that passwords need to be created strong, long and complex. But what does all this mean in practice?

Let's understand the topic of creating strong passwords right now and learn how to create good passwords that attackers cannot crack.

Let us immediately note that none of the following tips provides 100% protection against hacking or theft. There is simply no such method in the world that would guarantee accurate protection against scammers!

If hack professionals want to get your password, they will do it, but strong passwords can weed out some newbies and non-specialists, complicate the task of hacking your account and greatly spoil the nerves of attackers, and therefore there is still a point in good passwords.

How do scammers find out your password?

There are several ways to obtain your secret password:

1. Simple theft, theft, password theft:

  • through special programs
  • over the Internet,
  • through fake websites
  • through fake programs,
  • through access to your computer or the sheet of paper on which you write down passwords,
  • finally, through blackmail, torture and interrogation (the latter is a joke, of course, but some girls actually use these methods to extract their boyfriends’ passwords in order to control their correspondence!).

Often these scammers can disguise their goals as completely harmless, for example, you are asked to provide your profile login information in order to enter the program or to confirm your registration or unlock your profile.

2. Social engineering. The essence of the method includes a logical approach and analysis of your person, identifying your personal information (year of birth, names of loved ones, passport details, telephone numbers, names of relatives, names of pets...).

3. Simple search through dictionaries. The simplest and stupidest way that still manages to hack simple passwords, consisting of dictionary words, popular combinations like 123456789 or abcdef or qwert. Here, a program with a built-in dictionary is actually launched and dictionary combinations are searched.

4. Brute search. Similar to the previous method, but includes everything possible combinations at all. The system tries any values, and the fraudster hopes for luck that some options may coincide.

Considering the speed of such search (about 100,000 or even 1,000,000 combinations per minute), the probability of a match is quite high.

How to create/come up with a good password

A strong password should:

a) consist of letters and numbers;
b) have 8 or more characters;
c) contain both uppercase (lowercase) and lowercase letters;
d) include symbols (not alphanumeric characters);
e) do not coincide with any dictionary word (in all languages).

To quickly create good password, we would advise taking a memorable phrase or expression that has nothing to do with you and typing it without spaces in English layout.

Along the way, it is necessary to dilute this phrase with simple symbols and numbers, but in such a way that it is illogical. After this, all that remains is to replace a few lowercase letters with uppercase ones, and the job is done, a good password is ready. But all this is easier to understand with examples.

EXAMPLE of creating a good password #1

Step #1

Let's take the same phrase " strong password", we type it in the English layout, we get "yflt; ysq gfhjkm".

Step #2

Now we remove the space between the words and replace a couple of lowercase letters with capital ones, we get “yflt;ysQgfhjKm”.

Step #3

Now let’s add a couple of numbers, for example, at the beginning and end of the phrase, we get “2yflt;ysQgfhjKm1”

TOTAL: our password has 16 characters, there are uppercase and lowercase letters, there are numbers and symbols, there are no dictionary words! This is a good and strong password that is easy to remember using the phrase “2STRONG PASSWORD1” (only without a space in the center).

EXAMPLE of creating a good password #2

Step #1

Let’s take the following phrase “peace be at home”, type it in the English layout, and get “vbh ljve”.

Step #2

Now let’s remove the space between the words and replace a couple of lowercase letters with capital ones, we get “vBhljVe” (replaced the 2nd from the left and 2nd from the right letters in the phrase).

Step #3

Now let’s add numbers, for example, at the end of the phrase, we get “vBhljVe21”.

Step #4

Let’s complicate the passphrase with some symbol, but not between words, but after the first letter, to make it illogical, we get “v~BhljVe21”

TOTAL: our password has 10 characters, there are uppercase and lowercase letters, there are numbers and symbols, there are no dictionary words. This is how the phrase “peace at home” turns into a cool and complex password for us! And it's easy to remember.

The more illogical and unusual your password creation techniques are, the more secure it will be!

It's so easy to create a complex and secure password that will protect your profile well from simple hacking. At the same time, it is worth remembering that for different sites you should create different passwords, and all of them must meet the above requirements.

If you ignore these tips and use simple combinations, personal data or dictionary words, the same passwords everywhere and everywhere, don’t be surprised if your profiles are hacked, we warned you….

And under no circumstances enter passwords on sites or programs that raise even the slightest doubt! After all, it’s easier for an attacker to steal your password than to guess it.

Passwords are everywhere: in social networks, payment systems, on your computer and phone. It is unrealistic to keep so much information in your head, so many users follow the path of least resistance - they come up with one key that is easy to remember, and then enter it on all sites where they register.

This approach to security can end in disaster. If the access code for VKontakte or Odnoklassniki can be lost without serious financial consequences, and therefore there is no need to make it complicated, then come up with a password for registering in the payment system or creation of Apple The ID must be such that no one except the owner can access the data.

Rules for creating passwords

Almost all sites have a list of password requirements when registering. However, usually these requirements are minimal: at least 8 characters, cannot consist only of numbers or letters, etc. To create a truly complex password, you need to keep a few more restrictions in mind.

  • Login and password must not be the same.
  • It is not recommended to use any personal information, especially if it can be learned from social networks or other sources.
  • It is not recommended to use words.

To understand the logic of these prohibitions, just look at how passwords are cracked. For example, a 5-digit key is only 100 thousand combinations. The hacking program, by simply searching through all the options, will find a suitable combination in 2 minutes, if not less. A rare word will not work for an access code either. An attacker can analyze different dictionaries for different languages and find a match. The only question is how long it will take - a few minutes or a couple of hours.

Advanced PDF program Password Recovery to crack passwords set on PDF document. Uses brute force and allows you to fine-tune the selection by noting the characters used in the password.

The combination of a rare word and numbers will also not work. Bruteforce technology allows you to search for combinations of numbers and words, so that such a key will fall if necessary. It will, of course, last a little longer than 123456789, but if you suffer losses due to hacking, then this time difference is unlikely to seem significant. To understand which password is reliable and which is not so good, let’s take a look specific examples. The approximate hacking time is calculated using password checking services, which are described below.

  • Date of birth (05041992) – will be hacked in 3 milliseconds.
  • A name with a small or capital letter (Segey, sergey) will last 300-500 milliseconds, that is, less than half a second.
  • Combinations of numbers and lowercase letters (1k2k3d4a9v) – approximately 1 day.
  • It will take about 6 years to crack a password like HDA5-MHJDa.
  • The combination AhRn&Mkbl363NYp will be deciphered in 16 million years.

The cracker will not work for 16 million years or even 6 years - this value only demonstrates that it is impossible to crack the password within an acceptable period of time.

Password generation

It's one thing to know the rules, another thing to follow them. Most users are aware that they cannot use an access code consisting of their date of birth or name to register, but this stops few. Two problems:

  • It's hard to come up with a complex password.
  • Even if you create a password containing a random set of characters, it is difficult (sometimes simply impossible) to remember.

An online password generator will help you solve the first problem. You can find it on the Internet large number services that offer to quickly create a complex password from letters, numbers, and special characters.

Working online generators according to one principle: you indicate which characters need to be used, select the required number of characters and click “Generate”. The services differ only in certain aspects.

For example, on Pasw.ru you can generate several dozen passwords at once (up to 99 combinations). PassGen allows you to set the option to automatically exclude duplicate characters from the security key, that is, all characters in it will be in the singular.

Key storage

If you can generate a password online, then you need to store the keys on your computer. Write down the password on a piece of paper separate document on a computer, on a sticker glued to the screen - a path to unauthorized access to data. So here comes the second problem: how to remember the created key.

You shouldn't rely on memory, but you can rely on a password manager. Many users choose KeePass. This program is free and works on Windows 7, Windows 10 and others. modern versions OS from Microsoft. In addition, KeePass has a built-in password generator, so you don't have to search for online services every time.

The only downside of a password manager is that it also requires an access code, which is called a master password. But remembering one master password is much easier than keeping dozens of complex combinations in your mind. In addition, when creating it, you can use a trick - take poetry, counting rhymes or any other memorable lines as a basis and turn them into a combination of letters, numbers and signs.

For example, you can take a quatrain, highlight the first letters and punctuation marks, and then write them on Latin layout. Some letters can be replaced with numbers - “z” with “3”, “o” with “0”, “h” with “4”. As a result of such manipulation, from four lines of a children's poem that will never leave your head, you will get the password U0d?D3ep.Gzc3hek, which will take 3 trillion years to crack.

Difficulty check

On many sites, when registering, the user is shown whether he has a good password. You can make sure that the generated code is complex and you won’t be able to hack it quickly, you can do it yourself, using the service ? In the “Enter Password” field, paste the generated password. In response, you will receive the approximate time it will take to crack the key on a regular computer. If it’s several million or at least thousands of years old, then the code is definitely reliable.

You can use other services to check reliability: for example, from Kaspersky Lab. It also shows the time required to crack a password, at the same time telling you what can be done within the specified period.

Another interesting way checks - the “Password Strength” service on the website 2ip.ru. Here the result is categorical: the key is either reliable or unreliable.

You need to understand that the hacking time shown by these services is very arbitrary and is calculated in case the hacker uses regular computer. A supercomputer with fantastic performance will do the job faster, as will dedicated password-cracking machines that can test up to 90 billion keys per second. But it is unlikely that people who own such equipment will need your email, Skype or Wi-Fi password.

Here you are, dear reader, you probably don’t close your house or apartment with a latch or a hook. Entrance door, and choose a more reliable, stronger lock and key for your home, so that no one can get inside without your knowledge. And that’s right, and that’s how it should be! Otherwise, at some point in time, or rather, day or night, you can lose everything that was acquired by back-breaking labor.

It is noteworthy that this everyday truth is also true for accounts in online services. They also need to be locked, and well locked with a key - a password - from strangers. After all, those who want to covet profiles, accounts in payment systems, online games, social networks, and anywhere (the Internet is big!), more than enough. And you don’t need to reassure yourself during the registration process on the next web resource with thoughts like “Who knows me here...”, “Who needs my profile...”, etc. Fragile hope for "maybe" in in this case could lead to trouble. Moreover, large ones if, for example, we are talking about cash in your online banking account.

In this article, you will learn how to come up with a strong password, how to remember it, and how to store it safely on your computer.

Complex password - guarantee of confidentiality

Why do you need to come up with a good password? Yes, because it is the very first and most important level of protection for your personal data. Computer attackers “open” many user profiles by guessing a password using special programs. Lightweight symbolic keys are a godsend for them. Once - and you're done! You don't need to work hard on hacking.

To further clarify this situation with statistical arguments, we will use a special web service https://howsecureismypassword.net/. It tells you how long it might take to crack specified by the user password. That is, it evaluates the degree of its resistance to hacking.

So, let's assume that we decided to come up with a password using the arrangement of letters on the keyboard - qwerty (well, a very trivial combination). We ask the service.

Now let's try to test a key 6 characters long, consisting of small English letters and numbers - ty23ds.

The result is also disappointing: 54 milliseconds. Of course, in such a period of time the sequence can only be “solved” automated method. However, in most cases, hackers use exactly this technology.

Let's complicate the combination: add capital letters into the set and increase the key length to 11 characters. Enter - eYtou349i93.

This is much better: the villain-burglar will have to pore over finding the key for 41 years (in theory, of course!).

But you can come up with a more complicated password: increase the length even further, for example, to 18 characters, and use special characters along with letters and numbers. Something like - ew$yu*ow)RweQ23&tT.

The result is simply “cosmic” (by the way, to the delight of the user): the estimated time required for selection is 7 quadrillion years. And in 1 quadrillion, as you know, there are 15 zeros. In general, no comments.

Vigilant readers will, of course, immediately ask the question: “Recruitment, but what about the Trojans? Are they stealing passwords? Yes, the tools of attackers are extensive: they include viruses, social engineering, and special software. And a complex password is certainly not a perfect panacea for hacking. account. But it can safely be called a powerful protective obstacle on the way of hackers to confidential data.

Password rules

When creating a symbolic combination to enter the site, regardless of its functionality and purpose, mandatory Consider the following points:

1. Avoid simple combinations. In particular:

  • logical sequences - abcde, 1234;
  • keyboard layout vertically, horizontally, diagonally, etc. - asdfg, qscwdv.

2. Do not use dictionary words in “pure form” (without adding other symbols, numbers). Especially such as “parol”, “password”, “admin”, “my_parol”.

3. Do not use personal data that is in the open access, for example, on a personal page on a social network or in a profile on a forum. Even with added numbers! Including phone number, date of birth, mailbox address, first name, last name, patronymic, names of pets.

5. Do not enter Russian words in the English layout (example: input - d)

Related publications: