Website Security and that Awful Password You Were Just Assigned

So the folks that run your Website or email just sent over your account information and, unsurprisingly, the password is something awful like 3ewREd97HEkE or, even worse, s+a%E!rU7*e4p-y. You think to yourself ‘There is no way I am going to remember that… Where do I change it?’

Colleagues, clients and friends of mine often say things to me like ‘Please don’t set my account to one of those crazy passwords that mean nothing’, or ‘You are not going to geek out on me and send me an unusable password? I hate it when you guys do that.’

Why We Set ‘Geek’ Passwords

Web security is a huge issue. There are countless ways to get into a site or email account and affect its performance, deface it, steal data or take it down. All this can happen without you having fierce competition or having pissed someone off. In fact, typical Website hacks are random, automated and unprovoked. So let's just say your developer has done an incredible job of locking down your site or your email system and stays on top of all security updates. Well, your ‘fortress’ has one obvious point of entry (several, actually)… the front door. By this I mean the login. By simply passing the right credentials to a server, database or Web login, you're in with no hacking required. Well, the bad guys get this too and can focus on this point of entry rather than the more complex methods of hacking into a system. Also remember the bad guys are usually ‘bots’ or large automated networks of computers all over the world, not just a lonely teenager in their parents’ basement.

How Strong Is My Password?

There is a great Website that will tell you how long it would take a single desktop computer to crack your password. Here are a few examples and the progression of complexity:

Password: newyork Time to crack: Instantly

Password: newyork89 Time to crack: 7 hours

Password: NewYork89! Time to crack: 58 years (notice the capitalization and special characters)

Password: 3ewREd97HEkE Time to crack: 25 thousand years

Password: s+a%E!rU7*e4p-y Time to crack: 157 billion years

Now you get why we send those awful geeky passwords. If you are going to change them, be smart about it (please).
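To see why the times above climb so steeply, here is an added example (not from the Website mentioned above) that computes the brute-force search space for the same five passwords. The guess rate is an assumed figure, so the absolute times will not match the ones quoted; the ordering and the jump between tiers are what it shows.

```python
import math
import string

# Assumed guess rate for a single desktop computer (an assumption made for
# this example, not a figure from the article): 4 billion guesses per second.
GUESSES_PER_SECOND = 4e9
SECONDS_PER_YEAR = 365.25 * 24 * 3600

def pool_size(password):
    """Size of the character set a brute-force search must cover."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)  # 32 ASCII symbols
    return size

def keyspace_bits(password):
    """log2 of the number of candidates of this length over this pool."""
    return len(password) * math.log2(pool_size(password))

def years_to_exhaust(password, rate=GUESSES_PER_SECOND):
    """Worst-case years to try every candidate at the assumed rate."""
    return 2 ** keyspace_bits(password) / rate / SECONDS_PER_YEAR

def report(passwords):
    """Return (password, pool, bits, years) rows for each password."""
    return [(pw, pool_size(pw), round(keyspace_bits(pw), 1), years_to_exhaust(pw))
            for pw in passwords]

# The five passwords quoted in the article.
ARTICLE_PASSWORDS = ["newyork", "newyork89", "NewYork89!",
                     "3ewREd97HEkE", "s+a%E!rU7*e4p-y"]

if __name__ == "__main__":
    for pw, pool, bits, years in report(ARTICLE_PASSWORDS):
        print(f"{pw:<16} pool={pool:<3} bits={bits:<6} years={years:.3g}")
```

This is an upper bound for exhaustive search only: a password built from a real word, such as NewYork89!, falls to wordlist-based guessing far sooner than its character count suggests, which is why the random strings are the ones that hold up.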