How to create a complex password. How to come up with a strong password

Internet users have become smarter over the past few years. No, seriously. If earlier my friends complained about the constant hacking of their mailboxes or pages on social networks such as VKontakte or Odnoklassniki, today they come up with such a problem much less often. Last but not least, this has to do with the password - the most important part any account, which for some reason is very often neglected. And in vain.

Imagine that you have a page on a social network or, for example, an account on Skype. If some attacker gains access to the same Skype, he can spend cash, located on your account. At the same time, you will not be able to present anything to the company itself, since you are responsible for your account. Or another case - someone opened yours and started sending spam to your friends. Who might benefit from this? No one, and only you will be to blame.

But before we start talking about the main topic of our article today, I would like to make a small digression. I want to tell you that even the archi complex password, consisting of 50 characters, cannot protect you if you neglect simple rules security. Why?

• The first reason is that you save the password in the browser. Never, remember, never, under any circumstances, do this! There is a type of Trojan that, when it reaches the user’s computer, checks the saved contents of the browser and, if saved data is found, transfers the information to the attacker, without you even knowing about it! Therefore, always write down all important data (the same password) in a diary or on a piece of paper to which only you have access.

• The second reason: it is a continuation of the first. If someone has obtained data from your account on a social network, then they will probably try to use this password on other resources where you are also registered. This is why some users so easily lose their mailboxes— they use the same password everywhere! You can't do that! For each site, create your own unique combination of symbols!

• The third reason: phishing sites. Alas, not one of us is immune from them. A phishing site is a fake, the design of which is completely copied from some popular resource. Very often, for example, the same “VKontakte” is faked - you go to its exact copy, which is not on the vk.com domain, but, say, on vkkkk.com. After you enter your profile data, it will instantly go to the attacker, although you yourself will not be able to access your page - after all, this is a completely different site, only outwardly similar to VK! Therefore, always pay close attention domain names sites where you enter your valuable login and password. (You can also get to the phishing site through the shift hosts file, but we'll talk about that next time).

• The fourth reason: keyloggers. Keylogger is small program, launched, as a rule, without notifying the user, which remembers all his actions: every keystroke, mouse movement, etc. Most often, keyloggers are used by jealous people who want to catch their significant other writing a love letter to an unknown person, but such programs often end up on the computer from world wide web and are used by bad guys to steal data, because everything typed on the keyboard is saved in a file, which is then sent to the attackers.

Are you tired yet? I hope not, but modern reality is a very cruel thing and you need to be prepared for it. These are just a few of the main reasons why people lose access to their accounts. Therefore, follow the rules that we wrote about just above and then the risk of getting into a similar situation will be reduced to a minimum.

How to come up with a complex password?

Well, friends, now we move on to the most interesting part, namely, we will learn how to create complex passwords. In fact, there is nothing new in the system that will be discussed below, it’s just that many users are not even aware of it.

Where to start? Perhaps this is why - minimum quantity There cannot be less than 8 characters. Why 8? According to recent studies, words of 7 digits or less are selected much faster than words of 8, not to mention something larger (for some reasons the difference in selection time is very large). However, we advise you to slightly increase the number of digits to at least 12-14 - in this case, it will be almost impossible to select symbols programmatically, it will take years!

So, now about the most important thing. Take something simple Russian word. Let's say the word is "wallet." Now we take it and write it on English layout, that is, we succeeded,evf;ybr. An excellent set of characters, it must be noted. Now at the beginning or at the end we add one capital letter - V. It turns out V,evf;ybr. Quite good, but that's not all. In the final part, we add some arbitrary number, for example, the year of your birth - 1975. The final password turns out like this: V,evf;ybr1975. It has 13 characters, including letters of different cases, numbers and special characters. Believe me, it will be so difficult for an attacker to find this word that he, most likely, will not even be able to do it!

The password, which you can see just above, is given for informational purposes only and is NOT NECESSARY to use! You can come up with it yourself by following our instructions. Just don't forget your password! To prevent this from happening, write down a set of symbols in your diary or in some notebook and hide it away from human eyes. There is no need to write it down in your phone - someone can see it there, and if the phone is also stolen, then...

By the way, there are special programs for automatically generating and storing passwords on a computer, but I don’t recommend using them - despite the fact that the data is securely hidden in the program, something can happen to the computer and then you can say goodbye to your data "... Be careful!

Nowadays it is impossible to imagine life without a computer and constant input. various combinations. We need it almost everywhere, from starting the computer, registering on websites, logging into forums, email and social networks, for example, Odnoklassniki, and ending with pages and accounts in electronic wallets. If, with optional registration, somewhere you can not come up with a combination, but specify a random key combination, then when creating any permanent account, especially if it concerns any money transfers, then the password must be strong.

What password can you come up with?

Any combination can be hacked, and the data can be used by an attacker to open loans. That is why it is imperative to take care of protection in advance and exchange weak combinations for reliable ones.

Hacking passwords

Even an inexperienced hacker can crack easy combinations and combinations in a password. It’s very simple by selecting and searching through all possible options. This is called brute force. Such as 00000, 11111, qwerty, 123456 and the like are checked immediately, and then substituted for them various symbols. There are special programs for this kind of search, which takes very little time.

Another popular hacking method is to analyze all a person’s data. All significant information collected and substituted into the password. This applies to initials, date of birth and other information. This way you can still choose security question required to recover your password. Where is data about a person collected? Most often on social networks such as Odnoklassniki, VKontakte. Here you can find out everything from your husband’s name to your dog’s name and your favorite musical group.

Password storage

Created one strong password, two, and the third is no longer remembered? Because of this, many users create combinations, for example: “1 password”, “2 password” and so on, for various sites. This is wrong, because if one of them is hacked, then the rest will be easy to hack. To save combinations, keep a notepad or file on personal computer, but not in a place visible to everyone, otherwise some people manage to write passwords on a sticker and stick it on the monitor, not at home, but in the office. Show the same attitude towards “secret questions”.

Other ways to create a strong password

How safe is it to store passwords on your computer?

It’s not safe, there are a huge number of programs that contain so-called “key loggers” or are capable of searching for valuable files on a hard drive, flash card or other media. Even if your loved ones protect you antivirus programs, it is better to play it safe and store information in paper notebooks.

Passwords are everywhere: on social networks, payment systems, on your computer and phone. It is unrealistic to keep so much information in your head, so many users follow the path of least resistance - they come up with one key that is easy to remember, and then enter it on all sites where they register.

This approach to security can end in disaster. If the access code for VKontakte or Odnoklassniki can be lost without serious financial consequences, and therefore there is no need to make it complicated, then come up with a password for registering with payment system or creation of Apple The ID must be such that no one except the owner can access the data.

Rules for creating passwords

Almost all sites have a list of password requirements when registering. However, usually these requirements are minimal: at least 8 characters, cannot consist only of numbers or letters, etc. To create a truly complex password, you need to keep a few more restrictions in mind.

• Login and password must not be the same.
• It is not recommended to use any personal information, especially if it can be learned from social networks or other sources.
• It is not recommended to use words.

To understand the logic of these prohibitions, just look at how passwords are cracked. For example, a 5-digit key is only 100 thousand combinations. By simply searching through all the options, the hacking program will find a suitable combination in 2 minutes, if not less. A rare word will not work for an access code either. An attacker can analyze different dictionaries for different languages and find a match. The only question is how long it will take - a few minutes or a couple of hours.

Advanced program PDF Password Recovery for cracking passwords set on PDF document. Uses brute force and allows you to fine-tune the selection by noting the characters used in the password.

The combination of a rare word and numbers will also not work. Bruteforce technology allows you to search for combinations of numbers and words, so that such a key will fall if necessary. It will, of course, last a little longer than 123456789, but if you suffer losses due to hacking, then this time difference is unlikely to seem significant. To understand which password is reliable and which is not so good, let’s take a look specific examples. The approximate hacking time is calculated using password checking services, which are described below.

• Date of birth (05041992) – will be hacked in 3 milliseconds.
• A name with a small or capital letter (Segey, sergey) will last 300-500 milliseconds, that is, less than half a second.
• Combinations of numbers and lowercase letters (1k2k3d4a9v) – approximately 1 day.
• It will take about 6 years to crack a password like HDA5-MHJDa.
• The combination AhRn&Mkbl363NYp will be deciphered in 16 million years.

The cracker will not work for 16 million years or even 6 years - this value only demonstrates that it is impossible to crack the password within an acceptable period of time.

Password generation

It's one thing to know the rules, another thing to follow them. Most users are aware that they cannot use an access code consisting of their date of birth or name to register, but this stops few. Two problems:

• It's hard to come up with a complex password.
• Even if you create a password containing random set characters, it is difficult (sometimes simply impossible) to remember it.

An online password generator will help you solve the first problem. You can find it on the Internet large number services that offer to quickly create a complex password from letters, numbers, and special characters.

Working online generators according to one principle: you indicate which characters need to be used, select the required number of characters and click “Generate”. The services differ only in certain aspects.

For example, on Pasw.ru you can generate several dozen passwords at once (up to 99 combinations). PassGen allows you to set the option to automatically exclude duplicate characters from the security key, that is, all characters in it will be singular.

Key storage

If you can generate a password online, then you need to store the keys on your computer. Writing the password on a piece of paper, in a separate document on the computer, or on a sticky note glued to the screen is the path to unauthorized access to data. So here comes the second problem: how to remember the created key.

You shouldn't rely on memory, but you can rely on a password manager. Many users choose KeePass. This program is free and works on Windows 7, Windows 10 and others. modern versions OS from Microsoft. In addition, KeePass has a built-in password generator, so you don't have to search for online services every time.

The only downside of a password manager is that it also requires an access code, which is called a master password. But remembering one master password is much easier than keeping dozens of complex combinations in your mind. In addition, when creating it, you can use a trick - take poetry, counting rhymes or any other memorable lines as a basis and turn them into a combination of letters, numbers and signs.

For example, you can take a quatrain, highlight the first letters and punctuation marks, and then write them in the Latin layout. Some letters can be replaced with numbers - “z” with “3”, “o” with “0”, “h” with “4”. As a result of such manipulation of four lines children's poem, which will never leave your head, you get the password U0d?D3ep.Gzc3hek, which will take 3 trillion years to crack.

Difficulty check

On many sites, when registering, the user is shown whether he has a good password. You can make sure that the generated code is complex and you won’t be able to hack it quickly, you can do it yourself, using the service ? In the “Enter Password” field, paste the generated password. In response, you will receive the approximate time it will take to crack the key on a regular computer. If it’s several million or at least thousands of years old, then the code is definitely reliable.

You can use other services to check reliability: for example, from Kaspersky Lab. It also shows the time required to crack a password, at the same time telling you what can be done within the specified period.

Another interesting way checks - the “Password Strength” service on the website 2ip.ru. Here the result is categorical: the key is either reliable or unreliable.

You need to understand that the hacking time shown by these services is very arbitrary and is calculated in case the hacker uses regular computer. A supercomputer with fantastic performance will do the job faster, as will dedicated password-cracking machines that can test up to 90 billion keys per second. But it is unlikely that people who own such equipment will need your password. email, Skype or Wi-Fi.

Only at first glance, impenetrable passwords do not contain a logical structure and look like gobbledygook. Complex passwords are such only for those who do not know the recipe for creating them. You don't have to remember letter cases, numbers, special characters and their order. All you have to do is choose a memorable basis and follow simple tips creating strong passwords.

Nursery rhymes

We take any children's rhyme or counting rhyme as the basis for the password. It is advisable that it be found only in your area and not be generally known. And better than your own composition! Although any nursery rhymes will do, the main thing is that the lines stick firmly with youth in your head.

The password will consist of the first letters of each word. Moreover, the letter will be written in uppercase if it is the first in the sentence. We replace some letters with numbers similar in spelling (for example, “h” with “4”, “o” with “0”, “z” with “3”). If you don’t want to get too confused with replacing letters with numbers, look for a counting rhyme that already contains numbers. Don't forget about punctuation marks that separate words and sentences - they will come in handy.

Example:

The turtle has its tail between its legs

And she ran after the hare.

Got ahead

Who doesn't believe it - come out!

We replace the letters “h”, “z” and “o” with similar numbers. The second, third and fourth lines begin with capital letters, and are therefore written in uppercase. Include four punctuation marks. Of course, we write in Russian letters, but on the English keyboard layout.

The 17-character password is ready! Perhaps it is not ideal, since it contains repeating characters, sequential lowercase letters and numbers. But it would certainly be hard to call it simple.

Favorite sayings

The scheme is similar to children's counting rhymes. Only as a basis you take your favorite and very memorable phrases of thinkers, celebrities or movie characters. You can complicate your life somewhat by replacing the letter “h” not with “4”, but with “5”, for example. There can never be too many confusing maneuvers!

Example:

I found out that I have

There is a huge family:

River, field and forest,

In the field - every spikelet...

Replace the letter “h” with “8”, do not forget about upper case and punctuation marks.

Ze,8evTjc^H,g,bk,Dg-rr…

Jargon and terminology

This implies the use of professional jargon that is understandable to an extremely narrow number of people. These words are much more distant from ordinary person, rather than criminal sayings that are widely covered on television and the streets of any city.

For example, you can use a hospital discharge or a tricky medical definition.

Example:

Cyclopentaneperhydrophenanthrene is a 28-letter term. It turns out to be a bit long, so I propose to throw out the vowels and dilute the remaining consonants with upper case.

Memorable dates

Of course, your birthday or the day you start your married life is not the best basis for a password. The event should be of exceptional importance, and only you should know about it. For example, this could be the day you ate gum for the first time, ran away from class, or broke your heel. Since the password will be based on numbers, it would be a good idea to mix them with letters.

Example:

10/22/1983 and 06/16/2011

Replace the periods separating the day, month and year with any letter, for example, a small English “l”, which is very similar to the quite often used separator “/”. Let's put a symbol between the dates underscore"_". Let's replace the zeros with the letters "o".

Visual Key

Use the smartphone unlocking technique on your keyboard as well. Think of any shape and “slide” your finger along its contours.

Don't forget to go through the numbers, change the horizontal and vertical direction of movement. And, unlike me, be imaginative!

Conclusion

The proposed methods for creating a password that is memorable, but at the same time quite difficult to understand, can be changed and combined at your discretion. It is enough to think about your super password once, and you can use it in the presence of a stranger without fear.

How do you choose your password?

Password– the only thing that truly protects all our important data from hacking. There are many ways to hack user accounts and gain access to confidential, personal, business, financial information. This is especially true for company owners who are concerned about the security of their data. It is often enough for attackers to hack the email of one employee to gain access to important business information of an entire company. This is why it is so important to educate employees about Internet security, in particular, to explain what passwords are and how to create a password correctly. And this is no less important for individual users who use the Internet to communicate and make payment transactions by entering their bank card details.

How to create a password and why are light passwords ineffective?

Most users do not wonder how to come up with a password. If you have easy password, rest assured, sooner or later you will be hacked. What is a light password and why is it so susceptible to hacking? As a rule, this is a combination of a word and a number. Most often, users choose their last name and date of birth as a password. For example, Ivanov1976. If they decide to hack you, most likely this is the combination they will enter first. Any vocabulary words, since brute-forcing passwords using a dictionary is another common technique used by attackers. Within a few hours the password will be hacked.

What password should I come up with? First of all, it's long. If your password contains less than eight characters (Latin and numbers), this means that the number possible combinations of which is 78,364,164,096 and by searching through combinations (using special program) such a password will be cracked in a maximum of 9 days (if the search rate is 100,000 passwords per second). Add one more character and it will take the attacker 11 months. Thus, strong passwords contain more than 8 characters, which contain a combination of upper and lower case letters, numbers and special characters.

Today, almost everyone is aware of the need to have complex passwords for each of their accounts, but the majority still continue to neglect the basic principles of Internet security. Even the most complex password can be stolen if you are not vigilant and enter your data on phishing sites (in other words, fake sites), save passwords in the browser (can be stolen by a Trojan) or download programs of dubious origin (this could be a keylogger that will steal all user-entered data). Simply put, anyone can become a victim of online scams. However, being aware means being armed. If you are careful and careful, and know how to come up with a complex password, you can protect yourself from intruders.

How to create a complex password?

So, we have already found out that complex passwords contain more than 8 characters. These must be upper and lower case letters (that is, small and large), numbers, and special characters.

To answer the question of how to create a password, the easiest way is to use the online generator that you will find on our website. He will create for you several combination options from Latin letters, numbers and symbols. The program creates passwords in a completely random order, and you can be sure that your password will be unique. But if you want to make it even more unique, you can replace any of the characters with anything you want. Of course, remembering such combinations is quite difficult, and most often the only option is to write down such a password in a notepad that will be accessible only to you.

Strong and complex passwords: creating

However, you can come up with a complex password that is easy to remember on your own. There are several standard scenarios for this

1. Choose two words in Russian - let it be a noun and a verb. For example, " curtain" And " embroider", add to this the year of birth of your favorite writer, artist, musician. Let it be 1924 . Add any other symbol - for example, %. Now let's write it all down together" Curtain19%Embroider24"(in any order). And finally, we write it down in Latin. It will work out Uahlbyf19%Dsibdfnm24. It would take an attacker forever to guess such a password using brute force.
2. The second way to make a complex password is take a line from a poem or tongue twister. Take two letters from each word and write it in Latin, using upper case for each first letter. This is another complex password.
3. Choose any complex word that is used quite rarely in speech. How more letters, the better. Write it down in Latin, add a significant date (it will be better remembered if this word is somehow connected with this date), and break the word into two parts with this date.

There can be an infinite number of such scenarios, and perhaps with a little thought you can come up with your own. If you still don’t know what password you can come up with, use ours. The main thing is to remember that you cannot share your passwords with anyone; do not store them in your browser or in notepads on your computer.