Choosing a password these days can be tough, especially with old and archaic rules in place to discourage any sort of hacking attempt. The rules often require passwords that are difficult to remember, causing you to write the password down. This pretty much defeats the purpose of having a secure password in the first place! In order to choose a good password, it’s important to understand how a typical hacker would figure out your password. This way we can use that knowledge to create passwords that are extremely secure and can protect sensitive information such as medical records.
Typically a hacker would use one of three methods for figuring out your password. There’s the social engineering way, the common sense way, and the brute force way. If I were going to try to get your password, I might first go by your desk to see if you have the password displayed on a notepad or in an easy-to-find place. I might call you up, act like I’m your bank or software company, and say that I need to check something and need your password. You would be surprised how just acting like you know what you’re doing can get tons of information that a leery or careful person wouldn’t normally hand out.
I also might try to just guess your password. First I would try the obvious, maybe the name of your children or spouse. I’d try the common ones like “password”. If I wasn’t able to succeed, then I’d have to brute force it.
Brute force means trying every possible combination of characters until the password is found. This can take some time in computer terms, depending on how complicated the password is. In general, though, no matter how secure the password is, even if it includes random numbers and symbols, if it is only 8 characters the password can be found in less than 15 minutes. There are obviously ways around it, such as allowing only 3 guesses before being locked out, but in general an 8 character password is considered very weak.
So knowing this, a good password should be about 16 characters at least.
It should be something easy to remember but hard to guess. I recommend maybe two numbers and a few random words. Looking around my desk I can come up with “47coffeemouseheadphones”. Or something like “redhouse84skyline”. This has 17 characters, three words and one set of numbers. It’s not too hard to remember, but maybe it’s meaningful to me somehow. As long as you never tell anybody your password or write it down, these passwords would be hard to guess and would take an extremely long time for a computer to brute force. And that, ladies and gentlemen, is how you choose a secure password!
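An added example, not part of the original article: this Python sketch turns the article's 15-minute figure for 8-character passwords into an implied guess rate and applies it to the sample passwords above. The 8-character sample password and the 15-minute lockout window are constructed assumptions, and the estimate covers character-by-character brute force only.

```python
import string

# Taken from the article's own figure: any 8-character password drawn from
# all 95 printable ASCII characters is exhausted within 15 minutes.
PRINTABLE = 95
IMPLIED_RATE = PRINTABLE ** 8 / (15 * 60)      # guesses per second
SECONDS_PER_YEAR = 365 * 24 * 3600

# Character classes an exhaustive search has to include (26 + 26 + 10 + 33 = 95).
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " "]

def alphabet_size(password):
    """Size of the smallest standard alphabet that covers the password."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))

def keyspace(password):
    """Candidates a character-by-character search must cover for this
    length and alphabet (worst case: the password is tried last)."""
    return alphabet_size(password) ** len(password)

def years_to_exhaust(password, rate=IMPLIED_RATE):
    """Worst-case unthrottled search time at the implied guess rate."""
    return keyspace(password) / rate / SECONDS_PER_YEAR

def years_with_lockout(password, guesses=3, lock_seconds=15 * 60):
    """Worst-case time when only `guesses` tries are allowed per lockout.
    The 3-guess limit is the article's; the 15-minute window is a
    constructed assumption."""
    return keyspace(password) / guesses * lock_seconds / SECONDS_PER_YEAR

if __name__ == "__main__":
    samples = ["k#9Tq!2z",                  # constructed 8-character password
               "redhouse84skyline",         # from the article
               "47coffeemouseheadphones"]   # from the article
    for pw in samples:
        print(f"{pw!r}: length {len(pw)}, alphabet {alphabet_size(pw)}, "
              f"unthrottled {years_to_exhaust(pw):.3g} years, "
              f"with lockout {years_with_lockout(pw):.3g} years")
```

At the implied rate the 17-character example needs on the order of a million years of exhaustive search, and a 3-guess lockout pushes even the 8-character case far out of reach for online guessing.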