What makes a quality password?
Something that isn’t easy to guess? Something that doesn’t contain personal information?
Those are good answers, but they’re only a start. You see, in the past, we’ve been taught to think of individual people trying to guess our passwords — typing out password after password by hand until they land on the right combination.
Sure, this scenario happens, but it isn’t the norm. No, instead, we’re more often up against computers. And computers don’t need to guess like humans. Instead of taking the time to think of password guesses and enter them in manually, computers use math to — quite literally — crack the password as fast as possible.
A password that uses a common dictionary word with common characters is mathematically weak. A computer will be able to guess it way too easily, leaving any accounts with that password open to attack (although, you shouldn’t be using the same password twice, anyway).
What you need are passwords and are Long and Complex. Long passwords consist of at least 16 characters, and Complex passwords use a variety of characters, numbers, and symbols. Both strategies greatly increase the number of possible password combinations computers need to work through in order to guess your password.
While mathematically a computer will eventually cracked a Long and Complex password, it isn’t on a timescale any of us (or most of our descendants) will need to worry about. For example, the password “IWantW0rldPeace4Allin2021!” would take a computer 46,000 years to crack. Another example, “HumptyDumptySat0nAWall2020,” would take over 8 billion years to hack.
Looking at those two passwords, notice how we replaced letter with different characters (i.e. 0 instead of O in “W0RLD”), as well as alternated capitalization. Creating a password with these random but meaningful flairs can make it so you remember your Complex password, but a computer will be mathematically locked out.