What matters with passwords is length.
The longer it is the more impossible it will be for a computer to guess it.
Special characters and numbers are not nearly as important as length.
And don't worry about using dictionary words. As long as they are in combination with other words, it makes no difference. Even if a computer tried guessing your password using all dictionary words, it would never guess something like "feelgoodflowerpower" because it would not know where one word ended and another began.
The above password has 19 characters, each of which could be any of ~50 unique symbols. That means the possible permutations are 19 to the power of 50--something close to the number of known particles in the universe. Impossible for any super computer to guess.
Shorter combinations of letters and numbers like "London2012" are easier for a computer to guess, but more difficult for you to remember!
The best passwords are phrases that you find easy to remember. Something like "iwasbornsomewhereinlondon". This is so easy to remember, quick to type out, and is also tremendously secure.
Forget using combinations of letters numbers and special characters that are hard to remember and difficult to type. Phrases are the way to go.
Friday, August 19, 2016
Monday, June 13, 2016
Ancient Sunlight
I recently heard a sustainability professional refer to oil as "ancient sunlight." It struck a note with me. It was a sharp, poignant, paradigm-shifting statement.
It really is true. Through photosynthesis, the earth has been collecting energy from the sun for billions of years and slowly storing that energy in the form of fossil fuels. Like a battery.
Since the industrial revolution, when we learned to tap into those ancient energy reserves, our growth has been exponential... and artificial. We are using past savings to fund present spending. We are living off the earth's capital, rather than its interest.
It is unnecessary. The sun provides more than enough constant energy input for the earth to sustain itself, and I believe it can (and will someday) sustain all human activities as well.
It really is true. Through photosynthesis, the earth has been collecting energy from the sun for billions of years and slowly storing that energy in the form of fossil fuels. Like a battery.
Since the industrial revolution, when we learned to tap into those ancient energy reserves, our growth has been exponential... and artificial. We are using past savings to fund present spending. We are living off the earth's capital, rather than its interest.
It is unnecessary. The sun provides more than enough constant energy input for the earth to sustain itself, and I believe it can (and will someday) sustain all human activities as well.
Monday, February 15, 2016
Time To Get A Password Manager
It astonishes me how many people still use "123456" or "password" as passwords for important accounts. The annually published list of most popular passwords is disheartening. I really have no sympathy for people when their email address gets compromised and they send viruses to their friends--followed by an apology a day later. But the reason is obvious: we all have so many accounts, with so many services, how are we ever supposed to remember all the username/password combinations?
Most people have a handful of easy passwords they use for all their accounts. They don't always remember which password goes to which account, but after trying a few times, they usually get in. Other people use all the available hard disk space in their brains remembering dozens of passwords, attempting to keep them all unique. These people make frequent use of password recovery services. Other people write all their passwords down on paper, or in a file. But unless you are willing to take the security risk and carry this around with you, it is of little use.
Password managers like LastPass are the best solution I know of. It's called LastPass because your master password is the last password you will ever need to remember. I've been using it for years. I don't know, or need to know any of the passwords for my many accounts. They are all unique, long, random strings of characters. LastPass remembers them for me, and fills them in for me automatically. It's really genius.
LastPass runs as a browser plugin, or as a background service on your mobile device. You log in once (per session) using your master password, and then every website or app you visit which asks for credentials, LastPass automatically fills them in for you. Not only does this save tremendous amounts of time, but it saves precious swathes of brain space.
It is also far more secure than any other method of storing passwords. Your password database is encrypted with 256-bit, government level encryption, and all decryption only happens locally so that your unencrypted passwords are never, ever sent over the internet, even on "secure" connections. It is so secure, in fact, that if you forget your master password, not even the people at LastPass can recover your database for you. I store not only internet account passwords, but it's where I keep ALL my sensitive information like account numbers, social security numbers, etc.
Lot's of people I've spoken with are skeptical about using these types of services, but I don't understand why. It is so much more secure than relying on your own memory, or writing passwords down on paper. Making all your passwords unique and strong means that if someone hacks into one of your accounts, your others are still safe. And you never have to worry about being without LastPass because you can access your database from any internet-connected device if you need to.
I've been promoting this for a while now. If you are one of those people that uses the same password over and over, or that spends way too much brainpower remembering unique ones, take this opportunity to finally get your sh** together. Get organized. Get secure. It will save you time, brainpower, and protect you from potential disaster.
Most people have a handful of easy passwords they use for all their accounts. They don't always remember which password goes to which account, but after trying a few times, they usually get in. Other people use all the available hard disk space in their brains remembering dozens of passwords, attempting to keep them all unique. These people make frequent use of password recovery services. Other people write all their passwords down on paper, or in a file. But unless you are willing to take the security risk and carry this around with you, it is of little use.
Password managers like LastPass are the best solution I know of. It's called LastPass because your master password is the last password you will ever need to remember. I've been using it for years. I don't know, or need to know any of the passwords for my many accounts. They are all unique, long, random strings of characters. LastPass remembers them for me, and fills them in for me automatically. It's really genius.
LastPass runs as a browser plugin, or as a background service on your mobile device. You log in once (per session) using your master password, and then every website or app you visit which asks for credentials, LastPass automatically fills them in for you. Not only does this save tremendous amounts of time, but it saves precious swathes of brain space.
It is also far more secure than any other method of storing passwords. Your password database is encrypted with 256-bit, government level encryption, and all decryption only happens locally so that your unencrypted passwords are never, ever sent over the internet, even on "secure" connections. It is so secure, in fact, that if you forget your master password, not even the people at LastPass can recover your database for you. I store not only internet account passwords, but it's where I keep ALL my sensitive information like account numbers, social security numbers, etc.
Lot's of people I've spoken with are skeptical about using these types of services, but I don't understand why. It is so much more secure than relying on your own memory, or writing passwords down on paper. Making all your passwords unique and strong means that if someone hacks into one of your accounts, your others are still safe. And you never have to worry about being without LastPass because you can access your database from any internet-connected device if you need to.
I've been promoting this for a while now. If you are one of those people that uses the same password over and over, or that spends way too much brainpower remembering unique ones, take this opportunity to finally get your sh** together. Get organized. Get secure. It will save you time, brainpower, and protect you from potential disaster.
Subscribe to:
Posts
(
Atom
)