For years, people have been told to use strong passwords, and that strong passwords have the following characteristics:
- Mixed Upper and Lower Case
- Special Characters
It goes without saying you should NEVER have a password that might relate to your name or the name of a family member.
But there is a website that will tell you exactly how STRONG (or weak) your password happens to be. The strength of a password is measured in entropy. The higher the entropy, the stronger the password.
So, using the above criteria, how strong are the following passwords?
| Password | Entropy (bits) | Comment | Time to guess @ 1k guesses per sec |
|---|---|---|---|
| He1nr1ch$ | 39.9 | Reasonable Strength. But it’s also my name. | 17 years |
| Fleaswtracenlant | 72.8 | Strong. But it’s also the name of my ‘A’ School in the Navy. | 149.7 BILLION years |
| Trump_8==> | 42.9 | Reasonable, and reflects a political opinion. | 140 years |
Is there a better way? Yes. Use four words that only mean something to you.
Example: Chicken Nuggets Tent Farts
I went camping with a friend of mine. He ate an entire 20 pack of Chicken Nuggets. I slept outside for obvious reasons.
What is the entropy here? 116.4 bits, which is incredibly strong. At 1,000 guesses a SECOND, it would take 2,634,346,452,833,500,000,000,000 years to guess the password.
That’s 2.6 septillion years.
As a frame of reference, the Big Bang event occurred 14 billion years ago and the last dinosaurs died out 65 million years ago.
XKCD had a comic for this…
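
As an added example (not from the original post or the website it mentions), the Python below turns an entropy figure into a guess time at 1,000 guesses per second under two assumed models: a character-pool upper bound, and four words picked at random from a list (2048 words is the 11-bits-per-word figure used in the XKCD comic). The website's scoring method is not given on the page, so these numbers will not match its output; the sample word list is constructed.

```python
import math
import secrets
import string

SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Character classes and their sizes (assumed model, not the site's scoring).
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation, " "]

def pool_entropy_bits(password):
    """Upper bound: length * log2(pool), pool = total size of classes used.
    Holds only if every character was picked uniformly at random."""
    pool = sum(len(cls) for cls in CLASSES if any(c in cls for c in password))
    return len(password) * math.log2(pool) if pool else 0.0

def wordlist_entropy_bits(n_words, list_size):
    """Entropy of n_words drawn uniformly at random from a known list."""
    return n_words * math.log2(list_size)

def years_to_guess(bits, guesses_per_sec=1000, average=True):
    """Years to search the space; on average the hit comes halfway through."""
    guesses = 2 ** bits / (2 if average else 1)
    return guesses / guesses_per_sec / SECONDS_PER_YEAR

def random_passphrase(words, n_words=4):
    """Pick words with a CSPRNG so the word-list figure actually applies."""
    return " ".join(secrets.choice(words) for _ in range(n_words))

# Constructed 16-word sample list; real lists hold thousands of words.
SAMPLE_WORDS = ["anchor", "bottle", "cactus", "dinner", "ember", "fossil",
                "gravel", "harbor", "island", "jacket", "kettle", "lantern",
                "magnet", "noodle", "orchid", "pepper"]

if __name__ == "__main__":
    for pw in ["He1nr1ch$", "Chicken Nuggets Tent Farts"]:
        bits = pool_entropy_bits(pw)
        print(f"{pw!r}: pool model {bits:.1f} bits, "
              f"{years_to_guess(bits):.3g} years at 1k guesses/sec")
    for size in (2048, 7776):  # 2048 = 11 bits/word; 7776 = five dice rolls
        bits = wordlist_entropy_bits(4, size)
        print(f"4 random words from {size}: {bits:.1f} bits, "
              f"{years_to_guess(bits):.3g} years")
    print("sample:", random_passphrase(SAMPLE_WORDS))
```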