New! Sign up for our free email newsletter.
Science News
from research organizations

Passwords Are A Piece Of Cake -- For Cybercrooks

Date:
July 23, 2007
Source:
Indiana University
Summary:
Choosing a good password is one of the many choices students make as they head to college, and it's a decision that should not be taken lightly, according to experts. What really makes a password difficult -- or easy -- for someone else to figure out? A computer cracker or identity thief will never know the name of your favorite great-aunt's cousin's dog -- so that's a good password, right?
Share:
FULL STORY

Choosing a good password is one of the many choices students make as they head to college, and it's a decision that should not be taken lightly, says David Ripley, researcher at the Pervasive Technology Labs' Advanced Network Management Lab at Indiana University Bloomington.

What really makes a password difficult -- or easy -- for someone else to figure out? A computer cracker or identity thief will never know the name of your favorite great-aunt's cousin's dog -- so that's a good password, right?

"Sadly, that's not true," said Ripley. "Modern-day bad guys don't bother trying to guess your password themselves; they have computers do it for them."

Using special programs and huge lists of words, these cybercrooks try millions of different words -- long words, short words and foreign words. They can try every word in every dictionary, in every language on Earth; every dog's and cat's and goldfish's name imaginable. They try all those words with dIffErenT cApITaLiZation, and all kinds of oth3r vArati0ns! They'll keep guessing for hours, or even days -- the program doing the guessing never gets tired or bored.

"A random string of numbers and letters makes the best password," says Ripley, "Unfortunately those are very difficult passwords for most people to remember."

Ripley offers these tips on choosing and protecting a password:

  • Long and complicated isn't so hard. Think of a phrase that will be easy for you to remember; use the first letter of each word to make a new word, leaving in the punctuation, capitalization and any numbers. Here's an example: "My first cat was named Fluffy. He was orange, with stripes. He only had 3 legs!" Taking the first letter of each word makes "MfcwnF.Hwo,ws.Hoh3l!"…which would be a really good password. Much better than just using the word "Fluffy."
  • Longer the better. In general, choose a longer password, rather than a shorter one.
  • Since you might forget ... Don't write passwords on a sticky note and leave them on your monitor or near your computer. And definitely don't keep your password in a text file on your computer as crackers can potentially access them. However, keeping a list of your passwords in an envelope in a safety deposit box, home safe, or other secure location away from the computer can be a good idea, just in case of an emergency.

Story Source:

Materials provided by Indiana University. Note: Content may be edited for style and length.


Cite This Page:

Indiana University. "Passwords Are A Piece Of Cake -- For Cybercrooks." ScienceDaily. ScienceDaily, 23 July 2007. <www.sciencedaily.com/releases/2007/07/070721220922.htm>.
Indiana University. (2007, July 23). Passwords Are A Piece Of Cake -- For Cybercrooks. ScienceDaily. Retrieved December 3, 2024 from www.sciencedaily.com/releases/2007/07/070721220922.htm
Indiana University. "Passwords Are A Piece Of Cake -- For Cybercrooks." ScienceDaily. www.sciencedaily.com/releases/2007/07/070721220922.htm (accessed December 3, 2024).

Explore More

from ScienceDaily

RELATED STORIES