Modern man spends a lot of time on the Internet. In most cases, to use the global network to the fullest extent (starting from registering accounts and ending with paying bills through electronic payment systems), it is necessary to create passwords. And for each case - separate. After all, for registration on a little site (for example, for downloading games or music) the complexity of the password does not matter. This may be a simple set of letters or numbers. But, if these are sites related to the storage of money - a simple password will not work. It must be reliable and definitely difficult.

To date, few passwords guess. Often used brute force - the method of "rough hacking." This is an ordinary search of various options and combinations.

Of course, this method is not done manually, but with the help of specialized programs. The first combinations to be tested are “111111”, “123456789”, “qwerty”, etc. That is - the most basic sets of numbers and letters. Further ordinary substitution will be carried out. This program is able to quickly sort through a huge number of combinations.

For example, if used as a password:

• Date of Birth. "01021974" - the program will spend about 2 seconds to decrypt;
• Name passwords with a small letter (ivan, oleg) will take about 4 seconds;
• Passwords that use capital letters (Ivan, Oleg) - about 4 minutes;
• Complex program "1d2d3s4a8c" program will decrypt in 4 days;
• Passwords from the HSU5-BHJDa series will be decoded in 12 years;
• And finally, the program will decipher the “IkRn% Kmbl253NNp” combination in a million years.

Therefore, asking the question "How to think of a password?" It is necessary to focus on the above examples and draw conclusions that: - You can not create short passwords.

• The password must contain at least 8 characters. Ideally, 10 or more;
• Be sure to use both numbers and letters. It is even better to dilute the combination with punctuation marks, symbols, etc.
• The advantage will be the use of both small and capital letters. This can be done with the Shift or Caps Lock keys.

Naturally, the password can be cracked not only using the above program, but also analyzing all the collected information about a person. Data is collected either manually or using special programs.

For example, the brute-force password from the “ivanovkostya” series will be picked up at best in 100 thousand years, while having knowledge of the person — the last name and first name will be checked first. This suggests that there is no point in this password.

Another way to break a password is to find the answer to the “secret question”. By pressing the “Forgot your password?” Button for a few seconds, you can (having information) open any page of interest. Often, the nicknames of animals, the mother’s surname (maiden) and other primitive data are used to answer the “secret question”.

A legitimate question arises: where do attackers take this information? The answer is incredibly simple. AT social networks. Pointing there all the data (starting from the year of birth and ending with the name of your beloved pet) people put themselves at risk.

Favorite music, quotes, groups, interests - here you can find anything. Therefore, Ivan Ivanov, who uses ivanivanov as a password to enter social networks, should change it immediately. Otherwise, you should not be surprised to see the once hacked page in Odnoklassniki and spam sent on behalf of the owner.

Making conclusions, it should be understood that password cracking is a fairly simple matter, therefore:

• Never use personal information when creating a password. It includes: year of birth, wedding date, phone numbers, apartments, etc;
• It is advisable not to use a literary word as a password (in any language);
• As answers to the “secret question”, never use information that is easy to learn;

An important point will be the password generation. This is one of the available services, with the help of which you can easily and effortlessly create a combination that will be extremely difficult to select for any of the existing programs. But, considering that these are quite rare combinations of numbers and letters, you need to do everything possible so that you do not forget the password. How to do this - consider next.

So, using the service "password generation" or inventing it yourself, using the above information, it will be quite difficult to remember. It is for this reason that in most cases the same combination is used everywhere. Some slightly modernize it. It turns out something similar to "parol1", "parol2", "parol3", etc. This is quite a tricky step, using which you can be sure that you have not forgotten the password. But, as a rule, logic works quite well for experienced hackers. And they use it. Therefore, access to any mailbox or account, if desired, will be his.

Obviously, using the function "password generation", and having received a meaningless set of numbers and letters, it should be stored somewhere. Some manage to write on the leaflet all the information and stick it on the monitor. And not at home, but at work ... In an office, where there are a lot of employees and customers ... This is about the same thing as creating a file on the desktop called My Passwords. Why do this? Indeed, in this case, the efficiency will be zero.

Therefore, so that you do not forget your password, use the following tips:

1. Each site or forum requires a new, unique password;
2. Do not store combinations on the desktop of the computer, due to the fact that professionals can easily penetrate the PC;
3. Do not keep passwords in plain sight;
4. Using a sheet of paper for storage - be sure to create a copy of it;
5. Never enter passwords in "strange" programs or on suspicious sites. The administration of any self-respecting Internet portal will never require a password;
6. Using programs to store passwords, be sure to create backups  files.

In an Internet cafe or in gaming clubs, try as little as possible to enter passwords on other people's computers. It is likely that at the time of using Internet banking to pay bills or enter a social network, the computer being used is called a “keylogger”. A program that is used to memorize a keystroke sequence.

Sometimes you need to change passwords. But, the more reliable the combination is, the less frequently it should be changed. As a rule, passwords of 12-14 characters are changed every few years.

It remains to hope that by asking “How to create a password?” You will definitely use the recommendations that were described in this article. After all, using the above information, you can save accounts in social networks and protect yourself from intruders.

I remind you that our site has a password generator that you can use as needed. saving his address to his favorites.

In modern technically equipped life, various passwords are widely used to protect information. They are daily and several times injected on various network resources. Passwords are entered at the entrance to the computer, registration on the Internet sites, opening mailbox  and accounts. Many do not think about the importance of passwords and, especially, about the basic rules that are recommended to be followed for reliable protection  your data and information.

The basic requirements for the preparation of passwords:

• password length must be more than 8 characters (optimally, if the length is more than 10-12 characters);
• the password itself must contain non-repeating numbers, letters, punctuation marks and special characters (even better if they alternate);
• you must include both uppercase and lowercase letters.

Storing passwords on Internet resources

On serious sites are stored passwords encrypted using a special algorithm MD5. In the process of encoding, according to a certain algorithm, a “digest” is created - a set of unrelated characters that are obtained after processing the input information. Deciphering the digest is almost impossible.
  So, after registering on the site, it is not the password that is saved, but a digest derived from it in a certain way. Further, after entering the password on the site, it is also translated into a digest. Stored and received digests are compared, so it is determined whether the correct password is entered.
  If a password digest is learned by a bad person, the password itself can be determined only by going through it. To do this, you must use a special program that generates character sets and converts them into digests for comparison.

Password strength

Often introduced easily remembered and simple passwords  (for example, "123456" or something similar). Sometimes you can stay on a similar choice (temporary registration, dubious site, etc.). In banking, payment and other financial systems, to protect mailboxes, it is necessary to create exceptionally strong passwords. Otherwise, attackers can use the information to get money, open accounts, get loans, and more. To create a password to meet all the requirements of complexity, it should not contain:

• family information (dates of birth, etc.);
• memorable dates (for example, wedding days);
• phone numbers, apartments or documents;
• the names of relatives or their names;
• various combinations of personal data (initials and dates of birth).

A strong password should look like a meaningless combination of characters. Weak password is considered to contain any word from the dictionary. Such passwords are determined by a simple word search.
  The password will be very simple if you use the answer to the “secret question” as it. It is very easy to guess, pick up or find out such a password.

To keep your passwords secret:

• nessesary to use different passwords  for various Internet services, sites, forums, etc.
• store passwords in memory, and not to record, for example, on stickers, in diaries;
• it is not recommended to leave the passwords on the network or on the computer, in text file  or the browser’s built-in password-keeper;
• it is advisable not to enter important passwords on computers located in public places, Internet cafes, etc.
• be sure to regularly replace with new ones.

If it is difficult to invent complicated passwords on your own, it is recommended to use a special software password generator. You can check the reliability of the invented or generated password on specialized sites.

The modern user has to work with at least a dozen requiring registration and use of a password to gain access to the account. Email, internet messengers, personal Area  Internet provider, chat rooms, forums, other sites and this is at least. In this article we will try to figure out how to come up with passwords for these all these countless services.

Create passwords

When registering at the next site, we often stop and think about seeing the password field. An almost ideal way to create a strong password is to generate a random password using a special program, such as. But such passwords are difficult to remember, which means that they need somewhere to write and store. This option is not suitable for part ordinary users. Even if you use the programmatic method of creating and storing passwords, you will still have to remember some of the passwords.

Creating a password manually, you must follow several rules:

• Cannot use simple combinations of characters and numbers. For example, passwords 123, 321, 123456, qwerty, asdfg and other similar ones are not suitable.
• Cannot be used when creating a password (names of relatives, pets, dates of birth, telephone numbers, addresses, postal codes, etc.). For example, passwords Masha, Sasha21, Vasya02071988 and other similar ones are not suitable.
• Do not use passwords that can be selected according to the dictionary of popular passwords. For example, the passwords love, cat, alfa, samsung, mercedes, yasherwa and others like them, as well as their variants and combinations are not suitable.
• Do not use passwords that are less than 10 characters long.
• The password should consist of large and small letters, numbers and special characters.
• When inventing passwords, use your imagination and do not think like a template. The computer that picks up your password thinks good, but it cannot think and be creative.

There are many ways to come up with a simple and relatively strong password. We will consider one of these ways.

How to come up with a password

The first thing we need to do is invent a key phrase. The ideal option would be a unique meaningless phrase that is easy to remember. For example: space cockroaches. You can also use phrases from not very popular songs, poems.

• Record of the Russian phrase in the English layout.
• Recording a phrase is the opposite.
• Replacing letters with their visual analogs (“a” - “@”, “i” - “!”, “O” - “()”, etc.).
• Use the first few characters of each word.
• Remove pair / unpaired characters.
• Remove vowels / consonants from a phrase.
• Adding special characters and numbers.

You can use several such methods to turn a key phrase into a practically meaningless set of characters. But, the ideal option would be to create your own unique method of “encrypting” the key phrase.

For example, using several template methods “” you can get the following password:

space cockroaches  - use the first 4 characters from each word - kosmtar - write in the English layout - rjcvnfhf - write with a capital letter and add special characters and a random number - Rjcvnfhf @ 955

As a result, we have a long and quite complex passwordwhich cannot be calculated from the personal information of its owner, but it can be easily recovered from memory. Checking the password strength with the help of the service we get the result "very reliable".

In conclusion, I want to remind once again that, inventing a password, you must use your imagination and the ability to not think in a standard way. Using this advantage over the "stupid" computers, you can create passwords that will be too tough for them.

My dear friends! In this post, I touch upon such a serious topic as creating a strong password.

To begin, I will tell you a little story.

According to my advice, my friend put on the account "Vkontakte" a complex, reliable password, 11 characters long, including letters and numbers. He lived quietly and lived. But at one point, he decided that he was too lazy to type such a complex password each time and changed the password on the date of his birth.

Two days passed ... And one fine day, my friend, trying to log into Vkontakte account, sees the following message:

"This e-mail address is not registered or the password is incorrect". Everything. A curtain. As the saying goes "Finita la comedy." Hacked page. The account does not return back. Bad people on his behalf send false information to extract benefits, as well as send spam. A victim of hacking calls everyone to warn that he has been hacked ... In general, he found enough problems on his fifth point. To avoid such stories happen to you, I wrote this post.

Which password is stronger?

The password is a delicate matter. =) There are several rules to follow when creating a password so that it is not picked up. How can they find your password? On this topic, you can dilute the whole discussion. But I will say briefly. The most popular way is brute force, which means brute force (or the brute force method).

As you probably guessed, the principle of its work is based on the enumeration of all possible combinations of passwords. In this case, you can defend yourself by simply creating a very long password. The next method is the analysis of known information about a person. This is the name, year of birth, favorite quotes, etc.

A bot or person records all known information about you and applies it in various forms when hacking. This method hacked the account of my friend, about whom I told. Protection in this case is absolutely meaningless set of letters, numbers and symbols. The program will substitute, for example: Vova14.02.91 or 8-999-648-28-41, and your password is some kind of "tpr7lx48a% 7d". The program will never guess to try such a disgrace.

Well and still, to crack a mailbox, malefactors, most likely, will try, selecting the answer to a secret question. Imagine the picture: a bad person types a username and clicks: “forgot password”. And he is offered to answer the question prepared in advance by the user: "My parrot's nickname." Hmm ... Maybe Arkady? Or Evlampy?

In general, I think, in spite of my irony, you understood that you need to write in secret question. At least the number of attempts to “guess” the answer is limited, I assure you, even a very close mind can answer “Kesh” to the question “My parrot's name”. Just in case, I will say specifically. It is desirable that the answer, well, never came to mind a healthy person. For example: “What year was my mother born?” The answer is “Rhino”. Not bad, huh?

And if you want to mock at burglars, you can send them to the question. Only in this case, you should be 100% sure that you will not forget the password, otherwise it will not be very pleasant when you try to restore the password to see the inscription “Go through the woods !!!”.

Perhaps you think that if you come up with a powerful, strong password, then with it you can now register on many sites. If this is the situation, then I will disappoint you. You're wrong. It is desirable that on all services all passwords are different. So, based on all of the above, I will try to specifically answer the question - what should be a strong password.

Strong password  must be at the same time:

Meaningless.

Challenging.

Not memorable from the first time.

If possible, long.

Consist of letters and numbers, if possible, then of symbols.

With letters of different register.

Now I will say how Should not  be password:

Simple letter sequence: qwerty

Simple sequence of numbers: 12345

Any date of birth: 06/18/1984

Any first name (surname): vasyapupkin

Generally any existing word

Whatever the password is: from the mailbox, ICQ, account  on the forum, it must be difficult! Well, if you absolutely do not care about the further fate, any account (for example, you register in order to download the game to mobile phone), then at registration feel free to write in the password field: "qwerty".

It should say a few words about storing passwords. Keeping passwords on a computer is a very bad idea! Much better if you keep them in writing on a piece of paper hidden in a safe place.

It is better to remember the password, i.e. memorize! When you come up with a strong password, do not think about its meaning, but simply poke the keys with your eyes closed, periodically pressing Shift.

I will give a few examples of brute force picking a password:

A password of eight digits (date of birth) will pick up brutus in 6-10 seconds.

Password - the name (Ivan or Marya) will pick up in a time from 15 minutes to 5 hours (depending on the length of the name).

The password "Jf89 @ nfd% 4P3nj" brute force will pick up a few million years.

Judge for yourself…

Suppose a hacker found out the password from your main mail. Here is what he can do:

1. Change your passwords from all social networks. Ask all your friends for money on your behalf.
2. Change your password from Aiclaud or Google. Then steal money from you or block your smartphone.
3. Examine your correspondence, from which the hacker will most likely pull out your passport data and card number. From social networks, he will easily get your mother's maiden name.
4. Knowing your passport data and card number, the hacker will change the password from the Internet bank, change the contact phone number and be able to freely manage all your money.
5. If a hacker gets a scan of your passport in the mail, he will be able to take a loan in your name at an unscrupulous credit organization and collectors will come to you.

Ilya Anonymous

employee of Tinkoff Bank

Unreliable: words and number sequences

• simple vocabulary words: sexy, love, hello, password;
• sequence of numbers in a row: 1234, 123456789, 9876543210;
• date of birth: 21041988, 2104;
• any year: 2015, 2010, 1988;
• your name: ilya;
• the names of their relatives and pets: mama, papa, murka, stepka;
• the name of the service on which you register: mailru.

Reliable: numbers, letters, punctuation marks

• xJ462 & b-vr01.8 ^ 5h;
• hs # lzkAc ~ 6oifL0xwT;
• (|% SJbB7AN ~ T.

Cats compose good passwords when walking on the keyboard:

• s7777, .lw / g000 --− 5255;
• GBz.vURHDG\u003e 923ub4grz.34;
• # $: * (Tg; 9729htgbz1114.

If you just throw your hands on the keyboard several times, you will get a strong password:

• p $ (ghPHg5g79;
• 4ghu; DSsl @ vnQwi4;
• vd.Kjbk.j4uies $.

Such passwords cannot be picked up with the help of a dictionary, and it will take months and years to search - during this time you will have time to change your password, box and citizenship.

How to write and remember a strong password

Each person has his own password memorization technique. If you don't, try this:

1. Take a simple phrase that you remember exactly. For example, "potatoes with mushrooms." Write it: kartoshka s gribami.
2. Imagine saying that phrase with an accent. How would you write it then? For example, with an Italian accent: kartOshka s gribammi.
3. Replace spaces with any character: dash, period, comma, or worse: kartOshka.s. gribammi.
4. Replace any letters with numbers - but in order to remember what you changed. For example, a on @, i on 1: k @ rtOshk @ .s. gr1b @ mm1.

Best of all, a password is remembered when you frequently enter it. If you only composed the password, turn off the tick "remember me" in the mail or social networks, and you will have to enter it every day. So your hands will learn to enter it automatically. After a week, you can turn on “Remember me” again.

Strong password: alternate method

A couple of months ago, I already talked about the method to come up with a strong password.

1. Take the words of your favorite song. For example, "This is not a joke, we met in the minibus at number one, we go and we are silent."
2. We take the first letters: enshmvvmnnieem.
3. Translate to the English layout: enshmvvmpn1eim.
4. Capitalize the first letters of the shock words: EnSHmvvMpn1eiM.
5. Add your favorite smiley and the age at which you had your first sex: EnSHmvvMpn1eiMX-D29.
6. It turned out 19 characters - easily fit into the password for Tinkoff Bank.

How to record passwords

Security experts do not advise you to record passwords in clear text, even if you keep them in a safe. If you need to write a password, make it so that only you know how to read it.

Take the old diary, open it somewhere in the middle or near the end and write down in the margins with a pencil “Potatoes with mushrooms. In Italian, by mail, 1 portion. " This note will help you remember how you changed the original phrase, and it will be incomprehensible to strangers how to get your password out of it.

Do not keep passwords on stickers on the monitor. Do not carry them in your wallet. Do not write in the notes in the phone.

How not to declassify password

Even with a strong password, you can be hacked: for example, if someone spied on how you enter the password; If on the computer from which you enter the mail, there is a spyware. How to protect yourself from such cases:

1. Do not use the same password in the mail, bank, social networks and instant messengers. Change at least a third of the password to make it difficult to pick up.
2. Enable two-factor authentication wherever possible. Then, even if your password falls into the hands of fraudsters, they will also need your phone to enter the mail or bank.
3. Try not to enter passwords on other people's computers, especially if the computer is shared: in an internet cafe or library. You don't know what spyware might be on them.
4. Password protect your home wireless network.
5. If you suspect that your password could have been leaked to attackers, change it in a safe environment and from a secure device. For example, at home with a tablet.
6. Keep the phone with you, and if your SIM card suddenly stops working, immediately call the operator and change the SIM card in the communication salon. A broken SIM can mean that someone made a duplicate.