Password Strength Checker
Passwords are the weakest link between websites user and the computer security chain. Website designers and masters try to guide their users to strengthen their passwords by implementing certain rules. Despite this users will opt for selecting weak passwords. What users must do is to use a password strength checker before they decide the password they want to use.
Using the same password across different applications is another mistake web users make. There are countless incidents which are reported in newspapers, news sites and websites reporting hackers breaking passwords and robbing people of money or vital information.
What internet users don’t realize is that they have a fair amount of their information floating around on the web. In social media and some email sites and even in shopping sites we gladly submit our info. A first name, last name, date of birth is easy to find as it exists on the internet. Most people as a habit use this info also when creating passwords. It just makes the job of a hacker much easier.
We are getting no better at strengthening our passwords or taking measures to do it. Software and hardware to crack passwords are improving relentlessly. Website owners and masters employ some measures to force users to strengthen passwords. Strength meters are displayed to show users the strength of their passwords and are asked to try a different password if the strength is weak or medium.
Some of the commonly used passwords strengthening measures recommended by website managers and password strengthening applications are:
- Use alphabets and numeric’s
- Use special characters in password
- Use upper and lower case alphabets.
When a user follows these instructions and enters a password a strength meter displays the strength of the password. Most password strength meters check to ensure that the password abides by the predetermined rules. If the strength displayed is ‘strong’ a user will use it.
But do these rules really work? Not really, as brute force attacks are quite aware of these rules and have built them into their applications. They assume all guesses are equally good and try them. They create a repository of real commonly used words and then use combinations of them to crack passwords. Some attempts succeed while others fail. But the hacker has achieved the ability to crack some passwords.
By nature people are creatures of habit and follow certain patterns. They use the same techniques when it comes to creating passwords. Hackers know people use capital letters at the beginning or end and do the same with numeric and special characters. People take faith in using Microsoft password checker as Microsoft is a well known and reputable organization.
When selecting a password using password meters, users should test different password meters. They can use best passwords ever or passwords examples to test password meters. Yes, the password meters will give different results. This means that all of them do not follow the same rule set.
A research conducted by Concordia University, Montreal concluded that “commonly used password strength meters are highly inconsistent and blatantly misleading”.
However there’s hope as Microsoft conducted a research and concluded that password strength checkers have forced users to select better and stronger passwords. This means that password meters have nudged and forced people to select stronger passwords. There are several utilities on the internet that educate people on how to stop using their habitual traits and employ stronger and harder to crack passwords.
Remembering different passwords is the biggest problem for users. For example, if a user has different passwords for his or her email, Facebook, Twitter, Skype and other commonly used applications they tend to forget them or use the same password across the board.
The reason is that as soon as you enter a password on an application the search browser that you are using offers to remember it. Once you agree you tend to forget it. But this is not a good practice. If the browser crashes and you reinstall it, you stand a chance of losing your password. Therefore the best practice would be to write down the passwords for different applications and store them safely off-line.
There are some sites that offer password hack time calculator application. Try them and see for how long your password will hold out before it’s cracked. If the time stated is short; change it. Look at the most common passwords list before deciding on a password to use. The list may be quite long but it will help in ensuring that you don’t use a listed password. Remember hackers also have access to all such lists and add them into their repositories.
We are lazy when it comes to changing passwords. Once we have selected a secure, password we will continue to use it for as long as we can. This is a habit that we must change. We should change our passwords frequently. Most studies on passwords recommends that users should change their passwords after ninety (90) days. In fact some organizations enforce this rule on staff that use the organizations intranet for their work. Some websites also enforce this rule.
This is a good rule and people should adopt it. The more frequently you change your, password the lesser are the chances of your password being misused.
If you were to navigate to searchenginereports.net website, you can scroll down the ‘Free SEO Tools’ icon till you hit Password strength checker. Select it and enter the password you want to use. It will display the password entered, its strength and its difficulty level.
If the strength and difficulty levels are low or medium; try another combination or a different password. Once you have entered a password which is strong and difficulty level over 90%, use it.
However, even if you have selected a very strong password don’t use it across all the sites. Use different passwords for the different sites you commonly use and change them periodically.
Visit DEF CON website and look at their Hacking Conference and you will see what an insecure wireless and internet world you live in.