How to create a Secure Password

1

How to create a Secure Password

Your password is one of your few defenses from hackers online. Creating a secure password is a must have, but how to create a secure password is the real question. First lets get into how hackers “hack” your password? Hackers will mainly crack your password in a variety of ways. The most common ways are cracking it, or having a virus pick it up and send it to them. One of the oldest and most common ways is cracking passwords. It involves trying all sorts of combinations and in the end hopefully guessing the right one. Everyone has tried a form of cracking whether we where trying to guess someones Facebook password, or we were trying to log into someones account that wasn’t ours. We were trying a low level of cracking technically. But, hackers have a much more reliable method. They will generally have mass amounts of computers attack a site, or have a program crack for them. Then you have the extremely popular virus method. Whats easier than making a virus, mass distributing it, and having it do the work for you? Hackers will make a program, usually fake programs, and bind a virus into it. When they have infected you, they can have their virus steal all your browser information, and send it to their server/them. Or they can have it so everything you type in gets logged over to them. Its very common and simple for them. They can just harvest your data in their pajamas at their desk.

How does this hacker stuff work?

I won’t get into grave detail, but the methods are somewhat complex if your just hearing this. The cracking method may work with proxies and a program. The hacker loads thousands of proxies into their program, and will try and crack your password. They will load the proxies in a program, then attempt to crack your password with a list of common passwords used. Or they will have a program that makes random passwords and will try and crack at a more random rate. Cracking used to be very difficult. If you had a secure password and the hacker was at a lower level using a cheaper program, it was estimated it could take almost 30+ years to crack some passwords. But recently hackers have been harvesting botnets for cracking. The host will infect thousands of computers, then have them attack sites at rapid rates. Recently studies have shown 16 character passwords can be cracked in under an hour, and now there are programs to crack 55 character passwords at a rapid rate. Past studies showed it would take years to crack passwords like these. But not with the botnets, they can have hundreds of thousands of computer attacking websites at massive rates no one has ever seen before. The other virus method is even easier. The individual usually makes a bogus program, or has a legitimate program and binds the virus to it, then they infect you. They will usually have the virus coded to sending passwords, and/or appdata out. The moment you execute the bogus program, it will go into your password directory/browser data, suck up all your data, and send it to their server/the hacker. It will usually continually send out passwords till the virus is removed, or the virus is outdated and the hacker has moved on. There are some tools hacker use that are as easy as infecting you, and clicking “extract passwords”, then the individual can have access to all your password data. The tools are called R.A.T.’s/Remote Administrative Tools. They allow the hacker to have full control over your computer. You are generally referred to as their slave since they have %100 control over the machine. They can infect you, look through your webcam, steal passwords, make things pop-up, change your backgrounds, watch what your doing on your desktop, record what you are doing, and/or do whatever they want. They have full access. And it is not hard at all to do. The password world is only as secure as it was made.

Are they really targeting me?

Most likely they are not. Generally the big botnets are attacking websites, databases, servers, and bigger scale items. Most likely an elite hacker would not care about your Facebook password, but instead care about the Facebook database. Some smaller scale cracking programs can be used easily. Some people want to hack their friends, neighbors, bullies and whatnot with it. Sometimes they have success, but it is rare. If you have a strong password, the cracker can only do so much. But the viruses are used on a larger scale. Viruses are one of the most common things online, and they are simple to make. I made a guide here on how to remove almost any virus on your computer. But viruses can take any password you have typed in, or have stored, usually. You can read the article above on how to avoid such occurrences. But viruses will target the home user. They can steal your passwords even if you are using a VPN, or have an encrypted hard drive. Encryption via VPN/hard drive encryption will not protect you here. Those are more for online security, to not get tracked, traced, or have your data stolen via the data transfer. But since the virus has access to your hard drive, encryption doesn’t actually help here. Yes, viruses are most likely targeting you!

How to create a Secure Password?

First, remove all your viruses here. Now we gotta create the actual password. %99 of people I know are using something similar to NameAge, or something similar to Phineas21. Or their pets name, or something easy. Some don’t even use numbers, just Phineas. The key to creating a secure password is having it be long, using capitols, using symbols, and having multiples. You would want something similar to Phineas;UsesThisPassWORd!4589. Thats an example of a very long password. The average password length they say to use it 17+ characters. You can always include passwords too. Maybe use Phineas21Johnny46. Putting passwords together is a great way to make a secure password. A lot of people have a hard time remembering one password, let alone having multiple for each site. A good recommendation is to stack passwords. For your bank use your Facebook password, your Twitter password, and you email password all in one. It may look something like Johnny48ThisismyPassword88FacebookSucks65. It may seem long and hard to remember at first, but if you have separate passwords for separate sites, start using them together, or just morphing them with one symbol !@#$%^&*())_+”:{]’;,./ . If you cannot remember passwords, cannot create long passwords, and just hate passwords overall, there are some other options.

Is there something that can create, and/or hold long passwords for me?

A lot of people hate typing in their usernames and passwords. It is just such a big waste of time. You have to sit and mash on your keyboard for extended amounts of time just to login to check your email, twitter feed, facebook, or anything. It is very annoying and almost hazardous. Someone may see you typing it, a public WiFi may have someone snooping on it, and its just a big problem. LastPass fixes all that. Before I explain LastPass watch their video


LastPass takes the hazard out of your day. LastPass types out your username, and password for you, as well as creating passwords for you. LastPass will go ahead and create a very long and secure password to stop people from hacking and cracking your data. But what about all these viruses that are out to get me? LastPass has all your data encrypted. To get into your LastPass vault that has all your passwords, you have to type in one master password. This is where you make yourself a strong password such as !l2;DA@,. this password needs to be STRONG! LastPass is holding all your passwords and if you are using a password such as Phineas, obviously the infector will laugh in your face as he frauds you Amazon account. Also, if you cannot seem to create a secure password here, or want to go even further to secure your LastPass data, you can set up two factor authentication. This allows you to stick a program on a USB thumb drive, and it will give your temporary access to your LastPass data. If you want to use lastpass on a public computer, plug in the thumb drive, and get a temporary password for LastPass, then login to your email and whatnot safely. Check out a review of LastPass here. But on to the features. It remembers your passwords, types them for you, makes passwords for you, and can protect you against phishing. If you click on an accidental link that steals all your cookies/passwords LastPass has you backed up. Your passwords will not be typed into ANY site, unless that is the verified site to LastPass. So if you get redirected to a funky looking facebook site, and LastPass does not type in your password, make sure you go on your search engine, and type in Facebook instead. Lastly, the most important part about LastPass. It stores all your passwords locally on your machine. If the LastPass website got hacked, the hacker would have access to nothing other than ONE login. All the data is stored on your machine. No more do you need to rely on servers, or their website. Its all connected to you for %100 security. LastPass is your all in one password manager, for only $1.00 a month. You can even use it free, but the pro version has a lot of awesome features. Give it a test drive, and if you don’t like it don’t use it, if you do, buy it. Its only $1.00 a month. There are plenty of free alternatives that don’t have as many features, but still offer a password management system. I do not use them, so I do not know the names of any secure password managers that are free.

Overall

How to create a Secure Password. Overall you need a secure password. Getting infecting online is to easy these days. A password is just one step to higher security. Two step authentication is always recommended and is only a temporary solution. I do not feel two factor authentication will always be a solution. It has been bypassed thousands of times. There is no real way to fully protect ourselves, but the only thing we can do is put in all security measures the website offers. Go create yourself a secure password, or have LastPass do it for you.

About Author

Brandon Stosh is the founder and CEO of www.freedomhacker.net. Stosh is a cyber security researcher and professional consultant who strives to provide reliable news on cyber-security based topics.

1 Comment

  1. I think the best and the most secure password is the one that you won’t remember(long and with wide range of
    Character Variety), and the best place to store them is writing them down on a paper and then hiding it in somewhere safe.

Leave A Reply

Send this to friend