Skip to content
  • Home
  • Emerging Technology & News
  • Computer Help
  • Privacy and Security
  • Reimage Windows Repair
The Reimage Blog
Menu
  • Home
  • Emerging Technology & News
  • Computer Help
  • Privacy and Security
  • Reimage Windows Repair
Facebook Twitter
Home  /  Privacy and Security  /  Strong passwords aren’t as easy as adding 123. Here’s what experts say really helps
PostedinPrivacy and Security Posted on January 11, 2021

Strong passwords aren’t as easy as adding 123. Here’s what experts say really helps

Posted By Matthew.England

Creating a good password isn’t as simple as putting an exclamation mark at the end.

You’ve seen all the familiar rules for strong passwords almost every time you create an online account. Use capital letters, numbers and special characters, and make it at least 8 characters long (or 10, or 12). These requirements are designed to make it harder for hackers to get into your accounts. However, they don’t really make your password stronger, say researchers at Carnegie Mellon University.

Lorrie Cranor, director of the CyLab Usable Security and Privacy Laboratory at CMU, says her team has a better way, a meter that websites can use to prompt you to create more-secure passwords. After you’ve created a password of at least 10 characters, the meter will start giving suggestions, such as breaking up common words with slashes or random letters, to make your password stronger. 


These tips set the password strength meter apart from other meters that provide an estimated password strength, often using colors. The suggestions don’t come from a checklist, but instead respond to common pitfalls Cranor’s team has seen people make when they set up passwords during experiments run by the lab over several years.

One of the problems with many passwords is that they tick all the security checks but are still easy to guess because most of us follow the same patterns, the lab found. Are numbers required? You’ll likely add a “1” at the end. Is it capital letters? You’ll probably make it the first one in the password. And special characters? Frequently exclamation marks.

CMU’s password meter will offer advice for strengthening a password like “ILoveYou2!” — which meets the standard requirements. The meter also offers other advice based on what you type in, such as reminding you not to use a name or suggesting you put special characters in the middle of your password. 

“It’s relevant to what you’re doing, rather than some random tip,” Cranor said. 

In an experiment, users created passwords on a system that simply required them to enter 10 characters. Then the system rated the passwords with the lab’s password strength meter and gave tailored suggestions for stronger passwords. Test subjects were able to come up with secure passwords that they could recall up to five days later. It worked better than showing users preset lists of rules or simply banning known bad passwords (I’m looking at you “StarWars”).

Cranor and co-authors Joshua Tan, Lujo Bauer and Nicolas Christin will presented their latest password findings in November at the ACM Conference on Computer and Communications Security, which was held virtually. The team hopes its tools will be adopted by website makers in the future.

In the meantime, Cranor says the best way to create and remember secure passwords is to use a password manager. Those aren’t widely adopted, and they come with some trade-offs. Nonetheless, they allow you to create a random, unique password for each account, and they remember your passwords for you.

First published on Nov. 12, 2020 at 5:00 a.m. PT.

Credits: Laura Hautala
Source: CNet.com

Featured Image: Adding numbers at the end of a password isn’t good enough, because you’ll likely just add a 1. Researchers at Carnegie Mellon University developed tools to prompt you to create a strong password you can remember. Stephen Shankland/CNET

Share on Facebook Share on Twitter
Previous Article
How AI redefines advertising in 2021
Next Article
Lenovo’s X1 Titanium Yoga is the thinnest ever ThinkPad

About Author

Matthew.England

Related Posts

  • After Musk tweet, Signal and Telegram see millions of new downloads

    January 15, 2021
  • Stolen or lost Android phone? Here’s how to get it back

    December 9, 2020
  • Google’s 2020: Search giant clashes with DC over antitrust, misinformation

    December 7, 2020
Scan Now

Categories

  • Business
  • Computer Help
  • Emerging Technology & News
  • Privacy and Security
  • Reviews

Reviews

Reimage Social

Security

Popular Posts

  • PCWorld calls Reimage “A Fantastic Repair Utility “ July 26, 2011 Reviews
  • 4 Ways to Keep the Ghouls & Goblins Away From Your PC October 26, 2010 Archive
  • The PC Key to Happiness – A Properly Maintained OS September 2, 2010 Archive
  • Google says hacked websites were attacking iPhones for years September 12, 2019 Privacy and Security

Random Posts

  • MySpace virus November 25, 2008 Archive
  • Razer gets its first 60 percent keyboard, the Huntsman Mini July 17, 2020 Reviews
  • Sony fined $2.4 million over PlayStation refund refusals June 5, 2020 Emerging Technology & News
  • Facebook’s smart glasses could give you hearing superpowers September 4, 2020 Emerging Technology & News
© Copyright 2019
We use cookies to ensure that we give you the best experience on our website.Ok