“Use a strong password.”<\/p>\n
You’ve probably heard someone use that phrase by now and you may be wondering what it means.\u00a0 Well, it doesn’t mean that your password needs to be able to lift heavy weights or perform other feats of strength.\u00a0 What we really mean by “strong” is a password that meets certain characteristics.\u00a0 A strong password is one that has a certain length combined with high entropy.\u00a0 Say what?\u00a0 That’s right.\u00a0 Entropy is probably not a word that you use very often but when it comes to a good password, it’s key.\u00a0 Entropy is “the lack of order or predictability”.\u00a0 So a password with high entropy would be a collection of very random characters.\u00a0 That’s why many password policies require a variation of length along with upper and lower case letters, numbers, and special characters.\u00a0 The policy is forcing you to use a higher level of entropy in your password.\u00a0 The password “abc123” is a “weak” password because the collection of the characters is very orderly and easy to predict.\u00a0 2 comes after 3 and c comes after b, and so on.\u00a0 The higher the level of entropy in a password, the harder it is to guess and crack using automated password cracking algorithms.<\/p>\n
But passwords with high entropy are hard to remember!\u00a0 Yes, they are, and that’s a good measure of whether your password is strong.\u00a0 Can you look at it once and remember it several hours later?\u00a0 If not, it’s probably because it has a higher entropy than you’re used to.\u00a0 Our brains are wired to recognize patterns and things that are familiar to us.\u00a0 This is why we gravitate towards lower entropy passwords.<\/p>\n
Use a passphrase instead.
\nPassphrases are passwords that are much longer than the standard of 8 or 12 character passwords but use a sentence structure with several words and spaces.\u00a0 Passphrases are easier to remember and are more recognizable to our brain but also have a much higher level of entropy because of their length and the positioning of spaces in the phrase itself.\u00a0 For example, a password could be the phrase “the black f0x Jumps 0ver the M00n!”\u00a0 This passphrase would meet the majority of complexity requirements but is also easy to remember once you use it a few times.\u00a0 In addition, the randomness of the words used and the spaces included in the phrase mean that the odds of someone being able to predict the passphrase are extremely low.\u00a0 We have greatly increased the entropy of our password while at the same time making it easier to remember.\u00a0 Yes, it’s a longer password to type, but you will find it only takes about a second longer to type than a traditional password.<\/p>\n","protected":false},"excerpt":{"rendered":"
“Use a strong password.”\u00a0<\/p>\n
You’ve probably heard someone use that phrase by now and you may be wondering what it means.\u00a0 Well, it doesn’t mean that your password needs to be able to lift heavy weights or perform other feats of strength.\u00a0 What we really mean by “strong” is a password that meets certain characteristics.<\/p>\n","protected":false},"author":277,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-807","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/sites.muscogee.k12.ga.us\/cybersecurity\/wp-json\/wp\/v2\/posts\/807","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sites.muscogee.k12.ga.us\/cybersecurity\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.muscogee.k12.ga.us\/cybersecurity\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.muscogee.k12.ga.us\/cybersecurity\/wp-json\/wp\/v2\/users\/277"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.muscogee.k12.ga.us\/cybersecurity\/wp-json\/wp\/v2\/comments?post=807"}],"version-history":[{"count":1,"href":"https:\/\/sites.muscogee.k12.ga.us\/cybersecurity\/wp-json\/wp\/v2\/posts\/807\/revisions"}],"predecessor-version":[{"id":808,"href":"https:\/\/sites.muscogee.k12.ga.us\/cybersecurity\/wp-json\/wp\/v2\/posts\/807\/revisions\/808"}],"wp:attachment":[{"href":"https:\/\/sites.muscogee.k12.ga.us\/cybersecurity\/wp-json\/wp\/v2\/media?parent=807"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.muscogee.k12.ga.us\/cybersecurity\/wp-json\/wp\/v2\/categories?post=807"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.muscogee.k12.ga.us\/cybersecurity\/wp-json\/wp\/v2\/tags?post=807"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}