Our Blog

Berlin Web Studio blog keeps you up-to-date with web design and development, industry news, security issues, open source software, online marketing, SEO and much more. We cover basic tutorials to the latest in programming ideas. Beginners and experienced users will find something of interest here.

Posted by Editor
on Wednesday, 26 September 2012
in Security Issues

Longer Passwords are Safer Passwords


According to the latest IBM security report, which we mentioned in our last blog post, longer passwords made up of strings of words are now considered much safer and harder to crack than alpha-numeric and special character passwords. 

These passwords, more accurately described as passphrases, can be a combination of words or an entire sentence.   

As a copywriter, I'm thrilled by this revelation. It means I can start to create passwords that mean something to me, that I can remember more easily, and that won't be easily guessable or hackable by others.

For example, instead of Write12copyWOW! I can choose a string of words such as BuffyandSpikenotAngel.  (Can you guess what show I loved?)

Or something like VampiresareBillandEricnotTwilight. (Are you spotting a theme here?)

Or I could take a line from a favourite song (All Along the Watchtower springs to mind, lots of lines there for me), or you could use a line of poetry, whatever you can remember.

The key, IBM says, is to have a passphrase you can easily remember and not have to write down on a sticky note or in a book!

Easier and Safer

Not only are such passwords easier to remember, but they are much safer too. IBM report that any 30-character password is always going to be harder to break than a 10-character password, even if the latter uses alpha-numerics and special characters.

And if you have to use numbers or special characters, you can add them in easily and still remember your phrase. 

So BuffyandSpikenotAngel could become Buffy4SpikenotAngel! 

VampiresareBillandEricnotTwilight could become 2Vampires=BillandEricnotTwilight!

These passphrases are still easy to remember. 
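To put rough numbers on the length-versus-complexity point, here is an added example (not taken from IBM's report or written by the original author) that estimates the exhaustive-search effort, in bits, for the sample passwords above. The function names and the 7776-word list size (the size of the Diceware word list) are assumptions chosen for illustration.

```python
import math
import string

# Character classes an exhaustive search has to cover once a password uses them.
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation]  # 26 + 26 + 10 + 32 symbols

def charset_size(password: str) -> int:
    """Alphabet size implied by the character classes present in the password."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))

def bits(length: int, alphabet: int) -> float:
    """log2 of the number of strings of this length over this alphabet."""
    return length * math.log2(alphabet) if alphabet > 1 else 0.0

def brute_force_bits(password: str) -> float:
    """Search effort if every character combination has to be tried."""
    return bits(len(password), charset_size(password))

def word_model_bits(n_words: int, wordlist_size: int = 7776) -> float:
    """Search effort if the phrase is n words drawn at random from a word list.
    The default list size is an assumption (Diceware), not a figure from the post."""
    return bits(n_words, wordlist_size)

def compare(samples):
    """Map each sample to (length, alphabet size, brute-force bits)."""
    return {pw: (len(pw), charset_size(pw), round(brute_force_bits(pw), 1))
            for pw in samples}

# Example strings quoted in the post.
SAMPLES = ["Write12copyWOW!", "BuffyandSpikenotAngel",
           "Buffy4SpikenotAngel!", "VampiresareBillandEricnotTwilight"]

if __name__ == "__main__":
    for pw, (length, alphabet, b) in compare(SAMPLES).items():
        print(f"{length:2d} chars, alphabet {alphabet:2d}: {b:6.1f} bits  {pw}")
    # The general claim: 10 characters from all 94 symbols vs 30 lowercase letters.
    print(f"10 chars, alphabet 94: {bits(10, 94):6.1f} bits")
    print(f"30 chars, alphabet 26: {bits(30, 26):6.1f} bits")
    # Word-based view of a five-word phrase such as BuffyandSpikenotAngel.
    print(f"5 random words:        {word_model_bits(5):6.1f} bits")
```

The character-based figure is an upper bound: it holds only when every character combination has to be tried, which is why the word-based estimate for a five-word phrase comes out lower.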

Passphrases are Not a New Idea

Interestingly, passphrases are not a new idea. The idea of using sentences instead of passwords has been floated around the internet since at least 2004, with many people calling for its use since 2005.

Hopefully, with IBM now backing them, we shall soon see them become the standard rather than the exception to the rule.  

To be Extra Secure - Lie on Security Questions

Finally, when it comes to password security, IBM recommend that you lie when you answer those password reset questions that are supposed to make it easy for you to retrieve a lost password.  These systems are weak, say IBM, so if you have to answer such a question to set up your password, lie. 

This might seem hard to do and hard to remember, but it isn't if you use your imagination!  Be someone else!  Be your favourite star, your favourite character or an amalgam of your favourites.  You will remember the answers, but no-one else will be able to guess them. 

So for me my birthdate would be, let's say, ten years later than reality.  My school would probably be Sunnydale High and my place of birth Gallifrey, or a variation on the Sci-Fi geek theme.  (I wouldn't actually tell you what I'll put, that would kind of ruin the point of telling you how to improve your password security!)

