+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

A hacker told me how to make a super strong password I can actually remember

Paul Szoldra,Paul Szoldra,Paul SzoldraMay 10, 2016, 20:06 IST

Ryan Manship and Kurt Muhl, hacking from their hotel.Paul Szoldra/Tech Insider

May 5 was World Password Day, so it's time to change up your passwords to something better.

Advertisement

Fortunately, there's an easy way to come up with a complex password that you won't end up forgetting five minutes later.

"One of the easiest ways to give yourself a strong password would be using a full sentence," said Kurt Muhl of RedTeam Security, an ethical hacking firm in St. Paul, Minn.

The full-sentence technique works like this: Think of an everyday phrase that you can remember, like "My #1 favorite thing in the world is my family," or as Muhl gives as an example, "I bought my house for $1."

Then you take that sentence and convert it to a password by grabbing the first letter of each word. "I bought my house for $1" then becomes Ibmhf$1.

Advertisement

"That's going to give your uppercase, lowercase, a number, and special characters in there," Muhl said. "It's something that's easy to remember. All you gotta do is remember that sentence."

It seems simple, yet many people still resort to weak passwords, which hackers can easily guess using free software tools like John the Ripper. A password that has a word found in a dictionary with a number thrown on the end is something that a tool like "John" could break in about an hour, Muhl explained.

Passwords like "123456" or "password" - consistently found on worst password lists - would only take seconds to crack.

"That is the first thing that we try to go after," Muhl said.

As Muhl explained, John works off dictionary lists - massive text files you can find on any number of hacker forums - that contain words, phrases, numbers, and other password possibilities. It basically keeps trying combinations of words and numbers until it gets it right, which wouldn't take long if the password is particularly weak.

Advertisement

But Muhl's technique makes a dictionary attack fairly impossible, since it's not a word at all. The password becomes even stronger if you have more characters, since the added length ups the number of possibilities.

"The longer your passwords could possibly be," Muhl said. "The more guesses it's gonna take for me to get it right."

NOW WATCH: The biggest security mistakes people make when buying things online

Please enable Javascript to watch this video
Latest Stories
7 Nutritious and flavourful tiffin ideas to pack for school
Top 5 places to visit near Rishikesh
Having an regional accent can be bad for your interviews, especially an Indian one: study
Dirty laundry? Major clothing companies like Zara and H&M under scrutiny for allegedly fuelling deforestation in Brazil
5 Best places to visit near Darjeeling
Trending News
Next Article
Next Story
Popular Categories
Trending Right Now

Copyright @ 2024. Times Internet Limited. All rights reserved.For reprint rights. Times Syndication Service.