Client Area · 0114 299 4050
View Services

How to Create a Password to Last 552 Quadrillion Years

How to Create a Password to Last 552 Quadrillion Years
Read our advice on how to create a long lasting, valuable password. Find more tips and advice on our blog, or feel free to get in touch.

The best practice for passwords is something that is often discussed in IT. There are lots of different opinions when it comes to the best method of ensuring your password is “secure”. But with password brute force tools getting smarter every single day, we must up our game when it comes to creating the best, most unbreakable passwords.

Previously, the following complex password method has been popular….
Pick a sentence, using the first letter of each word to make up the characters in the password, then add complexity after.

Example:
Resolve does IT support in the City of Sheffield
Would become
rdisitcos
Which in turn would become
Rd1s!tc0S

However, although these passwords are difficult for people to remember, they are easy-peasy for a computer to crack. Plus, due to the fact people can’t remember them, they write them down, which immediately makes them insecure – and they keep them short which vastly lowers the time it takes to crack the password.

The example above looks like a relatively complicated password but look how quickly a computer can crack it…

 

So, I think we are all agreed that we need a new method. Luckily, there is a new method and I am about to explain it…

This new method helps you create a secure password that is easy for a human to remember, difficult for a human to guess and complex enough that a computer can’t guess it quickly. Perfect!

All you need to do is this:
Pick three or four random words (they can be themed if you like), join them together to make a longer password, then add complexity, example below:
Pick four words:
Blue, Fish, Carrot, Sauce
Which would become:
bluefishcarrotsauce
and with a dash of complexity:
Blu3F!shC4rr0tSauc3

This is relatively easy to remember and even adds extra layers of security through obscurity. When I run it through the password security checker I get the following…


I think it’s safe to assume that you’d change your password way before the 552 quadrillion years is up, so I would count this as a secure password.

Here’s a few tips to help you in your password creation:
Never share your password
Minimum character length of 12-16 characters (three to four words)
Use special characters and numbers throughout the password, not just at the end
Special characters are !”£$%^&*[]{}#~’@></-+*=_
Where possible try not to save passwords, unless you’re using software such as LastPass or another password manager.

If you want to put your passwords to the test visit: https://howsecureismypassword.net/

You can find out more about cyber security concerns here: https://resolve.co.uk/blog/article/how-can-i-protect-my-business-from-a-cyber-attack

< Back to Blog

Popular Posts:

Comments

  1. Jason
    13.04.2018

    Great article. One question I do have about these password checker sites, such as the one you've listed...is there a risk of them identifying you by your IP address and recording what passwords you type into their checker...ultimately making it easy for them to find out your passwords!?

    Reply to this post



    Allowed tags: <b><i><br>



  2. Resolve
    18.04.2018

    Thanks for your comment, Jason – that’s a very valid question! Whilst you are only entering current or potential passwords into the password checker site without providing information as to which accounts they are associated with, having your IP address can could potentially provide sufficient information to link the password to an account. If you are attempting to check your existing password and find that it is weak, then this would imply that you are changing it anyway; however, if you are checking for the strength of a potential new password or find that your existing password is sufficiently complex, then simply use the password checker as a guide and create a new password based on the conventions you found to be strong.

    Taking the example password displayed in the article (“Blu3F!shC4rr0tSauc3”), having evidence that this format is incredibly secure you could then decide that your new password will be “Gr33nFr0gP3pp3rR3l!sh”. You obviously have no need to check this though, as you have already seen that this will be complex enough – however, just to prove the theory in this example, I can see that the password I have created using this method would take 35 quintillion years to crack. I hope this helps!

    Reply to this post



    Allowed tags: <b><i><br>



Please leave a comment



Allowed tags: <b><i><br>



emergency it response: 0114 299 4050 View PAYG Options