A week ago I wrote a post about how a few of my friends had their email accounts hacked, and what to do about it.
Part of the instructions talked about creating a secure password – not just the usual blah-blah-blah of “6 to 8 characters including an upper-case, number and special character”, but a REALLY secure password – one with multiple words that are seemingly random but easy to remember.
The comic XKCD illustrated it nicely, and I’m reprinting it again because he’s awesome.
But a recent article in Ars Technica explores the issue of weak passwords in more detail. It talks about what kind of computer hardware and software it takes to actually crack a password (answer: not much) and how long it would take. This graph says it all.
Note the overlap between the XKCD illustration and the graph. Longer passwords are harder to crack. 20-character passwords are all but impossible to crack.
“20 characters?!?” you say, “Nobody can be expected to remember a 20-character password!”
“Correct Horse Battery Staple” has 28. And, as the cartoon says, you’ve already memorized that one.
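To put numbers on "longer is harder to crack", here is an added example (not from the original post or the Ars Technica article) that counts the guesses an attacker needs for random characters versus random words. A passphrase is counted in words rather than letters, since an attacker who knows the scheme guesses whole words. The guess rate, the word-list sizes, the sample word list and the function names are all assumptions made for illustration.

```python
import math
import secrets

# Assumption: offline guessing rate in guesses per second. Illustrative only,
# not a figure from the article; real rates depend on the hash and hardware.
ASSUMED_GUESSES_PER_SECOND = 10**10

def entropy_bits(choices: int, positions: int) -> float:
    """Entropy of a secret built from `positions` independent, uniformly
    random picks out of `choices` options (characters or whole words)."""
    return positions * math.log2(choices)

def days_to_exhaust(choices: int, positions: int,
                    rate: int = ASSUMED_GUESSES_PER_SECOND) -> float:
    """Worst-case days to try every combination at the assumed rate."""
    return choices ** positions / rate / 86400

def words_needed(wordlist_size: int, target_bits: float) -> int:
    """Smallest number of random words that reaches `target_bits`."""
    return math.ceil(target_bits / math.log2(wordlist_size))

def make_passphrase(wordlist: list[str], n_words: int) -> str:
    """Pick words with the OS CSPRNG; words a person 'thinks up' are not uniform."""
    if len(set(wordlist)) != len(wordlist):
        raise ValueError("word list contains duplicates")
    return " ".join(secrets.choice(wordlist) for _ in range(n_words))

# Constructed sample list, far too small for real use (16 words = 4 bits each).
SAMPLE_WORDS = ["anchor", "bishop", "candle", "dragon", "ember", "fossil",
                "garnet", "harbor", "island", "jungle", "kettle", "lantern",
                "magnet", "nickel", "orchid", "pebble"]

if __name__ == "__main__":
    for label, choices, positions in [
        ("8 random printable-ASCII characters", 95, 8),
        ("20 random printable-ASCII characters", 95, 20),
        ("4 random words from a 2048-word list", 2048, 4),
        ("7 random words from a 7776-word list", 7776, 7),
    ]:
        print(f"{label}: {entropy_bits(choices, positions):.1f} bits, "
              f"{days_to_exhaust(choices, positions):.3g} days")
    print(make_passphrase(SAMPLE_WORDS, 4))
```

At this assumed rate, four words from a short list fall quickly, so the word count and the size of the list matter more than the number of letters in the phrase.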
Go. Change. Your. Passwords. Now.