Routinely we’ve been told to think of a crazy combination of letters, numbers and characters to make a secure password. Something like this is supposed to be generated and burned into our memories, yet changed every few months on every single site that requires a password: J4fS<2. I just typed that (ok, copied it), and there is no way I will ever remember that as a password. Good thing, too, because that’s actually not a very secure password. You and I are actually better off using a phrase like “this is fun” as password, as the it is not only easier to remember, but length and inclusion of special characters make it 10x more secure than that other complex password.
The complexity of a password determines its security and ability to be compromised by hacking, according to research by Thomas Baekda. If your password takes too long to try to hack, it is a secure password. Factors like network latency, bandwidth and server speeds limit the number of requests a hacker can make on your password. A hacker armed with a common word dictionary trying to hack “this is fun” would take 2,537 years to hack. Those spaces, by the way, help make the password secure, as it they are special characters and special characters are critical to the complexity of passwords. If you used this type of password for anything you do online and it was attempted to be hacked, the hacker would be shut out long before they cracked the password.
To make a secure password, Baekda suggests using a 3 word phrase separated by a special character – such as a space – between the words. Don’t necessarily use “this is fun” (obviously) but aim for something easy to remember. Using less-than-common words is also best, such as the example Baekdal provides: “fluffy is puffy”. This phrase would make a secure password as a hacker would need much more than a common word dictionary to crack this password, while you actually can still remember the password.