Password protection can be thought of as a necessary evil. You shouldn’t try living without it, and sometimes it’s a pain in the neck to actually use.
Do you get frustrated each time you try to log in to a site where you are required to enter a password?
Have you been hacked because someone cracked that simple password you’ve been using?
Here’s some good news.
According to an article in the Washington Post by Todd C. Frankel and Andrea Peterson, there’s a new and easier way to create strong passwords.
Instead of using a traditional password, the new standard calls for the use of a passphrase.
In case you’ve never seen this used, now there is a good reference to “justify” adoption of the practice.
The federal government’s National Institute for Standards and Technology (NIST) has issued draft recommendation (not formally adopted as of this writing) that turns the standard password convention on its head.
Instead of those strings of random characters that include so many upper case, so many lower case, at least one special character, and no names or words in the dictionary…… You get the point.
Instead of all that, the article reports, studies by Carnegie Mellon University show that passphrases are just as good because more than anything else the length of the password is what blocks unauthorized users from gaining access to whatever it is you are protecting.
This is good news for those of us who are constantly forgetting our passwords or mistype all those random characters. It sure will make things easier.
A word of caution. If you try to adopt this new passphrasing technique, you may run into some instances where the system you’re on cannot accept long passphrases. Mainly it would be due to the age and design of the system that limits character space to something much less than your phrase would need. I know of some systems that still limit passwords to only letters and numbers and limit the length to only five or six characters. But time is likely to ensure the new passphrasing capability is incorporated into sites or they will lose security and customers.
When creating your passphrase think of a sentence that may not make sense to just anyone, and one that is easy for you to remember and type. Do not use quotations or lines from movies or songs to help protect against hackers from using databases of these records when trying to gain access to your site.
I will probably still insert one or two special characters into my passphrase just to help prevent existing or future password cracking programs from being able to easily crack my passphrase. It may be unnecessary, but I tend to take extra precautions, kind of like an overprotective parent.
Whether you adopt the passphrase security technique or not, I’d recommend against using the same password or passphrase on multiple sites.
You can read the entire article at https://www.washingtonpost.com/news/the-switch/wp/2016/08/11/theres-a-new-way-to-make-strong-passwords-and-its-way-easier/