How to Strengthen Your Online Passwords

As computers, and specifically graphics cards, have gotten more powerful, our passwords have become increasingly vulnerable, and the days of eight characters being the standard password length are over. To be honest, they have been over for quite some time, but it's only now that the rest of the world is coming to realize that those eight letters you use to protect your e-mail could be cracked by a mid-range PC and a couple of graphics cards -- in less than two hours. Researchers recently found that eight-character passwords can be cracked in less time than it takes to watch most Hollywood movies. Merely jumping to 12 characters boosted that time to a whopping 17,134 years. Obviously, the solution is longer, more complex passwords, but where do you draw the line between convenience and security? Do you really need to have a separate password for every single account? The answers, plus solutions to data security, are after the jump.

Get a Password Manager

Many options exist for the password conundrum, but the best is a solution we suggested back in February: a simple password manager. Tools like KeePass and LastPass let you generate new random passwords for every account you have. You can use these tools to create nearly unbreakable random strings of numbers, letters (both upper and lower case) and symbols, and stretch them to unimaginable lengths (although 20 characters should be more than enough). Furthermore, the programs keep your complex codes nice and tidy, so you'll never lose track of which password goes where.

Lengthen Your Password

Alternatively, simply lengthening your password will protect your accounts for the immediate future. Though expanding to 12 characters will suffice, we suggest 14 characters as the sweet spot for truly secure phrases that are also short enough to be memorized. These phrases should also abide by the general rules of password variation: use at least one upper- and one lower-case letter, and at least one number. We also suggest working in a special character, like '$' or a punctuation mark, if the site you're using allows it. While we don't have access to the array of graphics cards programmed by the Georgia Institute of Technology, we did check with How Secure Is My Password (a site we covered earlier this year), and it claims that a 14-character password using lower and uppercase letters, as well as numbers, would take 39 billion years to crack. That's perhaps a little generous, but you get the point; it ain't easy.

Switch Letters and Numbers

Changing letters to numbers is another quick and easy way to add complexity to a password. Turning your "e"s into "3"s and your "s"s in to "5"s introduces a layer of randomness that makes your password harder to guess. This is an especially handy way to obscure dictionary words (which most security experts suggest avoiding).

Use Full Phrases

Another password tip is to use full sentences and phrases. While many sites will not let you create a password long enough, famous quotes or personal mantras can work as incredibly secure passwords. For example, "ask not what your country can do for you" would take an almost immeasurable amount of time to crack with a desktop PC. Change the "o"s to "0"s, and the spaces to underscores ("_"), and you've got a password that might make a super computer choke.

Ideally, you should have a different, random password for every account, but we realize that a password manager is not for everyone (and might not even be an option for some). But, with a few tricks, it's not impossible to keep your accounts at least somewhat safe from the newest and most powerful tech out there.

Tags: online safety, OnlineSafety, password, passwords, security, tips, top, web