When you are creating a password for a website, how many times did you have to keep erasing and make a new one because it did not fit the website criteria? Most websites generally require to you to have at least eight characters, a capital letter, and a number. Even now, I more commonly see websites require you to have not only a capital letter, eight characters and a number, but also a special character as well. Websites always indicate that a combination of lowercase, uppercase, numbers and special characters are the most secure passwords, but the FBI has recently proposed a different statement. The FBI recommends pass phrases over password complexity. When your passphrase is a combination of random words that are longer than fifteen characters in length, it will take a computer significantly longer to crack it than a complex password because the computer will not have the dictionary to attack with. An example of a passphrase would be footballtoothbrushtstreet , stableremoteplace, etc. For the passwords that require capitals and special letters, I tend to forget them and find myself constantly resetting them, which is a problem because my accounts are more at risk that way. Mathematically the easier to remember password but longer is more secure than a shorter complex one. Although these passwords are rather silly, they are random and easy to remember, but they are long and secure. It is a lot harder though to follow the FBI recommendations though, because most websites, including major things such as banks and credit card companies, require the several password requirements. With those restrictions, you cannot follow what the FBI recommends. What do you think about the FBI’s recommendations? Do you think length is more secure, or complexity?
https://www.zdnet.com/article/fbi-recommends-passphrases-over-password-complexity/
I am fully for changing passwords to passphrases. It’s been found that if someone just picks four easy to remember words, that passphrase would be stronger than any combination of symbols add to a word. So I believe that all website passwords should be required to have four words for their passwords as it would be mush more secure for all of our information. And since most of our devices remember our passwords for certain websites so the words don’t have to be the same for every website which will add to the security of our information.
Passwords are one of the most important aspects of the internet and its security should be on everybody’s mind. Passwords are the main force that prevent intruders from getting into your accounts and taking your information. An important thing to remember who it comes to password security is that it’s all about what you put as your password. You determine how easy it is to crack your password with the amount of effort you put into making it complex, but in a way in which you remember. In the article I found the author states “The main advantage of passwords is that everybody can use them straight away,” (Sancho) and while thats true and convenient, its not a good idea to make a weaker password to remember easier. The article from TrendMicro suggests that you need to use a different password for each website that you use and to use long and hard passwords for each with special characters and phrases like stated in the original post. Its also important to keep the passwords off the internet and on a tangible paper that is known only to you. So, according to the FBI’s rules about passwords, I agree with them because passwords are people’s livelihoods and the more secure the better.
Sancho, D. (2014, April 30). Passwords: Not Going Away Anytime Soon. Retrieved March 1, 2020, from https://blog.trendmicro.com/trendlabs-security-intelligence/passwords-not-going-away-anytime-soon/?_ga=2.44086948.1473506972.1583090453-157611403.1583090453