One more reason why passwords are no darn good
- By William Jackson
- Aug 01, 2011
It might look secure, but even an eight-character, alpha-numeric password with upper and lower case could be trivial to crack.
Take, for instance: !QAZ2WSX. A study by Imperva found this was the most common strong military password.
It appears to be an improvement over favorites identified in 2009, which included “qwerty,” “12345,” and names such as Michael, Daniel and Jessica. But take a look at your keyboard, and you will see that it is an easily predicted series.
“We aren’t the only ones who are taking note,” Rob Rachwald said in the post. He displayed a screenshot from a hacker forum that showed the SHA1 hashes for this and a variety of other common sequences.
“Enforcing strong passwords means anticipating all kinds of keyboard sequences,” he wrote. The problem with that is keyboard sequences are a great tool for remembering complex passwords that you are not supposed to write down.
The solution? Rachwald recommends the pass phrase, a series of words that can easily be made long enough to resist brute force attacks. “More importantly, they are easier to remember and harder to crack,” he said.
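A password-policy check for the keyboard sequences described above, as an added example that is not from the article or from Imperva. It approximates a US QWERTY layout as a grid, ignoring the physical row stagger; the function names, the minimum run of 4 keys and the 75% coverage threshold are assumptions.

```python
# Unshifted rows of a US QWERTY keyboard, treated as a simple grid (assumption).
ROWS = ["1234567890-=", "qwertyuiop[]", "asdfghjkl;'", "zxcvbnm,./"]
# Shifted symbol -> the physical key that produces it.
SHIFTED = dict(zip('!@#$%^&*()_+{}:"<>?', "1234567890-=[];',./"))
POS = {ch: (r, c) for r, row in enumerate(ROWS) for c, ch in enumerate(row)}


def base_key(ch):
    """Map a typed character to its physical key, so '!' -> '1' and 'Q' -> 'q'."""
    return SHIFTED.get(ch, ch).lower()


def adjacent(a, b):
    """True if two keys are the same key or grid neighbours (including diagonals)."""
    if a not in POS or b not in POS:
        return False
    (r1, c1), (r2, c2) = POS[a], POS[b]
    return abs(r1 - r2) <= 1 and abs(c1 - c2) <= 1


def walk_segments(password):
    """Split a password into maximal runs of characters typed on adjacent keys."""
    keys = [base_key(c) for c in password]
    segments, start = [], 0
    for i in range(1, len(keys) + 1):
        if i == len(keys) or not adjacent(keys[i - 1], keys[i]):
            segments.append(password[start:i])
            start = i
    return segments


def walk_coverage(password, min_run=4):
    """Fraction of the password that lies inside keyboard walks of min_run keys or more."""
    if not password:
        return 0.0
    covered = sum(len(s) for s in walk_segments(password) if len(s) >= min_run)
    return covered / len(password)


def is_keyboard_pattern(password, min_run=4, threshold=0.75):
    """Reject passwords that are mostly made of keyboard walks."""
    return walk_coverage(password, min_run) >= threshold


if __name__ == "__main__":
    # The first three samples are from the article; the pass phrase is constructed.
    for pw in ["!QAZ2WSX", "qwerty", "12345", "correct horse battery staple"]:
        print(f"{pw!r}: segments={walk_segments(pw)} reject={is_keyboard_pattern(pw)}")
```

Because shifted characters are mapped back to their physical keys, !QAZ2WSX resolves to two four-key column walks even though it satisfies upper-case, digit and symbol rules.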
William Jackson is a freelance writer and the author of the CyberEye blog.