What? How To Make Your Password Uncrackable For 27,000 Years

Everyone knows you’d rather use your first name and the year you were born for your password – even hackers.

And because of technological advancements, hackers can jailbreak a password like “jim725” in 54 milliseconds. Capitalizing the “J” in “jim”? One second. Add an “!” at the end? About 22 seconds.

And, Bam!, a hacker can go on a field day, getting your credit card information, banking info, log-in information for every site you visit or shop at.

Even though password managers have saved the day for the millions of people who use them, using passwords like “$h5R0n782%9^K” might seem silly to the multi-millions who don’t and would rather stick with something they can remember or something they can stick in a note on their phone (which, by the way, if your phone gets hacked, the passwords you’ve put in there will get hijacked, too).

“By now, most people know that the longer and more complex a password is, the harder it will be for bad actors to crack,” Optiv Senior Consultant Kevin Higgins told ConsumerAffairs.

“But, research reveals people still use basic passwords and patterns for memory’s sake, and worse yet, many reuse the same password across accounts – culminating in an ideal playing field for cybercriminals.”

Ready to get serious about your passwords?

If you want to take 10 seconds to see how strong your password is, go to this password strength checker and see for yourself. If the result is longer than you think you’ll live, then maybe – maybe – you’re ok. But, if the result comes back with an answer of minutes, months, or a few years, just remember in the hacker world, it’s man vs. machine and the machine doesn’t sleep. 

Still, improving your password hygiene is not a time-waster nor is it as difficult as everyone thinks it is, Higgins says. When ConsumerAffairs asked him for a simple list of best practices to make passwords “uncrackable,” here’s what he shared…

Long and complex passwords are the hardest to crack. Higgins’ best advice for ideal password length is 12 or more characters, including a mix of lowercase and uppercase letters, numbers and special symbols (an exclamation point or # symbol, for example). “Research shows that a 12-character password could take 27,000 years to crack and cost hackers $6.4 trillion to do so – a sound deterrence strategy!” Higgins emphasized.

Consider using a ‘passphrase’ to create a complex password where a sequence of words or other text is strung together. As an example, researchers at the University of California at Santa Barbara’s Life Sciences Computing group suggest something like this for a chocolate lover: i<3ch0c0L8mmm.

Avoid using easily researched answers to security questions, such as the city you were born in, a pet’s name, or your childhood best friend. Social media makes the answers to such questions easy to find.

Do not use the same password across multiple accounts. Using a different password for each and every account can be a pain and make credentials difficult to remember, but it will be even more painful if you have to recover from a data breach due to poor password hygiene—because, if you are a “password repeater,” once a cybercriminal has hacked one of your accounts, they can easily do the same across all your accounts.

Password manager software is a great way to manage all your online credentials, including usernames and passwords. Higgins gives password managers two thumbs up because they store credentials in a safe, encrypted database that generates new logins when needed. And, it’s not as difficult as it seems, either. “Users only need to remember one master password, because password managers automatically plug in stored passwords when you visit a site,” he said.