A strong password can protect you and your data from intruders. On the Internet, any profile requires a "password" to enter. Only you should know it - and no one else. So you have to try pretty hard to come up with a decent secret combination that is not so easy to recognize. In some cases, you can use one trick, but it still cannot fully secure your profile on the Web. What tips should you use to make your "password" difficult to guess?
Numbers, letters, symbols
The strongest password is one that is difficult to remember and hard to guess. Therefore, users always think about what to put as a "password" for authorization on various services.
The first advice given by advanced "users" is to use a combination of numbers, letters and symbols in their secret combinations. It is also recommended not to create short passwords - it is better to keep them long and difficult to remember. This way you will be able to secure your data.
What specific combination should you use? You will have to come up with this yourself. However, there are a few more tips to help you create a strong password.
Register
Note that passwords are often case sensitive. In other words, they distinguish between lowercase and uppercase letters. This is a great opportunity to diversify your secret combination.
When coming up with a strong password, try to combine not only numbers with letters and special characters, but also alternate uppercase and lowercase. This approach helps to complicate the task for the attackers. Most importantly, do not forget yourself where which letter is in which register.
It is recommended to capitalize the very first letter, and then alternate it according to the principle "one after another". This kind of trick will help you not to get confused in the password you invented. So consider this advice. Which password is more secure? One that uses a variety of registers when writing. It is possible to do without this feature, but it is not desirable.
Shifters
They say that you cannot use dates that are important to you in passwords. But this is not the case. It is enough to diversify the approach to this issue a little. There is such a technique as "shifters". It helps you use important dates in your passwords. At the same time, it will be very difficult to unravel your secrets.
What is this principle based on? At the very beginning of your chosen password, you should write some date. For example, your birthday. And at the end - the same date, but inverted. If 123 is written in the beginning, then in the conclusion - 321. As you can see, there is nothing difficult in this. Therefore, this technique is used by many users. It is easy to remember the general principle of building a "secret record". This means that you will not forget the "password" just like that.
Now it's worth taking a closer look at strong passwords. Examples of these with the use of "shape-shifters" - this is what will help you figure out exactly how to make a good combination for authorization in your account on the Web.
Let's assume that the "body" of our password is the user's first and last name. Then we print: IvAnIvAnOv. Now you should use the "flip-flops". For this we take some date. For example, how often is chosen - the user's birthday. Let in our case it will be May 4, 1988. And we dilute all this with symbolism. The resulting combination is: 4051988! ~ IvAnIvAnOv ~! 8891504. Here's a complex password we got. In fact, it is easy for the user to remember it, but it is extremely difficult for attackers to guess. In any case, practice shows just such a situation.
Generating
If you can't come up with a strong password on your own, you will have to use one little trick. Just do not think that it will completely protect you from hacking. There is nothing better than a personally invented "password".
What kind of reception are we talking about? About using special password generators. They themselves make up "secret combinations" using symbols, letters and numbers. Taking into account the registry, of course. But "shifters" are not used here.
Any password generator can be downloaded. Just launch the application and click on the Generate button (or something like that). You will receive a password combination. It can be supplemented or used in its original form.
One of the most significant security concerns in an organization is the passwords for important user accounts. Even if you carefully plan and configure Group Policy security settings, including firewall settings with Advanced Security, deploy antivirus software and keep your system and antivirus software up to date, configure IPSec policies, deploy NAP servers, and accounts your users will not have strong enough passwords, the security of your entire company may be at risk.
Of course, you can, and even should, use Group Policy to limit the generation of complex passwords, set an interval for blocking an account if the password is entered incorrectly, and configure audit policies to analyze unsuccessful login attempts. But even passwords that the operating system will consider complex (that is, the length of the password will exceed a certain number of characters, the password will contain upper and lower case characters, as well as numbers), can actually turn out to be vulnerable and easy for intruders who will crack them. ... It is this stage of ensuring the security of your company that can be the most difficult for you, since here your participation plays only a mediocre role, and any negligence on the part of your users can fatally affect the infrastructure of the entire company. In other words, in this case, you need to try to force your users to create secure passwords, remember them, change these passwords periodically, and also keep these passwords with you, which, in fact, can turn out to be much more difficult than planning the organization's infrastructure, and also deploy and maintain a server with appropriate server roles.
In this article, I will talk a little about the reasons for which passwords cannot be created, as well as how exactly you need to create passwords for your accounts. Let's consider everything in order.
Password cracking techniques
One of the most common methods of attacking any infrastructure is cracking user passwords that are authenticated in order to gain access to an organization's internal network. Accordingly, if an attacker gains access to a user account, he will be able to get through to any internal company documents and other protected information. In addition to user accounts for accessing the internal network of an organization, cybercriminals also often try to hack into accounts of e-mail, social networks, blogs, and others. Therefore, users should be told that they cannot use the same password for all their accounts, much less a simple password.
In principle, there are many methods of cracking passwords, but this article will briefly discuss only the basic methods that are most common in our time. These methods include logical guessing, dictionary enumeration, brute force (or brute force), as well as the most serious method - the use of the human factor.
Logical guessing
This method is the simplest, and usually starts with a logical guessing of the password. For example, an attacker might try to guess your users' password by knowing your user's first name, last name, and, say, his year of birth. For example, if a user creates a password of the type "Surname + year of birth" or the login specified in the reverse order, you don't have to worry too much, such a password will be cracked in a few minutes.
Looping passwords using a dictionary
Since many users like to specify one word for any of their accounts as passwords, be it the name of a volcano in Iceland or the name of a favorite rabbit and, at most, add one digit to such a password, attackers can crack such a password using pre-selected passwords which are loaded from special dictionaries. Such dictionaries usually include words from different languages that may be used by inexperienced or insecure users. Password guessing using this method usually does not take much time and an attacker will be able to gain access to your users' data in just a few hours. And since there are a lot of such dictionaries in the Internet, you should immediately explain to users that they should not use such passwords, since not only their social network account, but also the entire infrastructure of the enterprise may suffer.
Another method related to dictionary brute force is brute force on the table of hashed passwords. This method is used when the attacker was able to determine the password hashes and he only needs to find a password in the database that will fully match the given hash.
Brute force method
The brute force method or full (direct) brute force method differs from the previous method in that when guessing a password, not a specific dictionary is used, according to which a simple password can be found, but a large number of any possible combinations. In this case, as you understand, it all depends on the complexity of the password and the number of characters. I think many of you have seen the following table, based on which, you can roughly estimate the complexity of the created passwords, given that the passwords will contain only letters of the same register with numbers and the search speed is 100,000 passwords in one second:
|
Number of signs |
Number of options |
Search time |
|
less than a second |
||
|
less than a second |
||
|
less than a second |
||
|
2,821 109 9?1012 |
11 months |
|
|
1,015 599 5?1014 |
||
|
3,656 158 4?1015 |
||
|
1,316 217 0?1017 |
||
|
4,738 381 3?1018 |
1 505 615 years |
Accordingly, a more or less strong password can be considered a password, the length of which will consist of at least eight characters. Since when writing this article, the main task was to consider methods for creating strong passwords, it will not consider means of implementing brute-force password brute-force.
Using the human factor
Despite the fact that when using the human factor, no technology is used, this method in most cases is considered the most effective and sometimes even the fastest, since in this case the attackers obtain passwords by an illegal method from the users themselves, and the latter can even do not suspect. First of all, when using this method of obtaining user passwords, the attacker usually finds out the names of the organization's employees, which he can both know initially and find on the same, say, the company's website, and after that, according to a scenario thought out in advance, the attacker can get almost any data from users. There are a lot of methods for obtaining user passwords using the human factor. Let's take a quick look at the main methods:
· Phishing... It is a fairly common method of obtaining the necessary information from users. The term phishing itself comes from the English word fishing, which translates as fishing and is a type of fraud, the main task of which is to gain access to confidential user data. The attack itself takes place as follows: the user receives a letter to his mailbox, say, from a bank, where the user is offered to change his password on the website by clicking on the link provided. In fact, such a link leads to the hacker's site with a page that is very similar to the bank's page and when you try to change your password, the password will be sent to the attacker;
· Infecting computers with Trojan horses... As you know, a Trojan horse is a malicious program that is spread by cybercriminals, with the help of which it can gain access to data, depending on what task it has set for itself. In turn, user passwords are no exception;
· Qwi pro quo... This method comes from the Latin expression qui pro quo (one instead of the other), which also means a misunderstanding resulting from the fact that one person, thing or concept is mistaken for another. In the case of password theft, this method involves calling the attackers to the company. An attacker could introduce himself as a technician and learn about vulnerabilities in the organization and take advantage of them. Or just find out the user password by phone;
· Pretext... This method is the easiest. By and large, using this method of stealing a password, an attacker may even, to some extent, be far from hiking, since in this case, actions are performed that have been worked out according to a pre-compiled pretext or, more simply, a scenario. He can start communicating with the user on some kind of website, by means of correspondence by e-mail, UIM messengers, etc. For obvious reasons, this method may take much more time than all those indicated earlier, but, nevertheless, it is also in demand.
The simplest method of stealing a password is shown in the following illustration:
Generating complex passwords
Chances are, you've all seen the following picture.
Here, in a rather simple and comic form, it is drawn which passwords can be created and how your users will interact with such passwords. To be honest, you can disagree with the method shown in the picture, since the second password can be cracked faster than the first, even though it will take the attacker some time.
First of all, as I said at the beginning of the article, in any case, you need to configure restrictions on the creation of complex passwords using Group Policy, moreover, such policies should be bound not for a specific department, but for the entire domain. Of course, by configuring security policies, you prevent the creation of passwords like "123456" or "qwerty", which users like to specify, user passwords may still be vulnerable to hackers.
For example, if your sales department has a user named Vladimir, who was born on the 9th of a month, his password may well be something like "Vladimir9". As you can see, this password is nine characters long, which is likely to exceed the password length preset by Group Policy. In addition, this password contains letters from a different case (well, it is useless to indicate your name with a small letter) and this password contains numbers (in this case, the user's birthday). Accordingly, the password will meet the requirements specified using Group Policy, but it can be cracked literally in a matter of seconds.
You should try to convince your users to create complex passwords for any of your accounts, create different passwords for each account, and store your passwords in your memory. The last two points are the most difficult, since most users are used to having one password for their Active Directory account, and it is also good, if so, to have one password for mailboxes, social networks, trackers, forums, and so on. If you still forced your users to create a complex password, pay attention to the fact that many people like to write it down on a piece of paper and glue it to their monitor, keyboard, etc., which is unacceptable, since it is difficult to call it a password.
How to create the password itself
It is desirable that the user password be at least 8 characters long, and that the password contains letters in Latin letters in different registers in random order, the password contains numbers and so that there are also special characters. If a password is created for an account that will log on to the server, then it is advisable to create passwords longer than 12 characters. In most cases, users rarely bother thinking of such passwords. Therefore, you will need to come up with passwords or instead of them, which is extremely inconvenient, since if you have 20 users it will take some time, but you can handle it, but if you have more than 100 users it will take a whole day for such a pointless activity. And they still need to be changed periodically, tk. no password can be perfect.
Therefore, you can either direct users to sites with password generators, for example, to the site http://genpas.narod.ru or sites with similar functionality. There are actually a lot of such sites. You can also write a page on your internal web server that will provide the same functionality, which is also unlikely to take much time, even if you have no web programming skills. And you can notify users of the presence of such a page on the site, say, using an official mailing list. Accordingly, your users will not need to waste time to come up with a complex password, but will only have to remember it.
You can also tell your users about simple scripts to create a complex but easy-to-remember password. You can think of hundreds of different interesting scenarios. Let's consider several such scenarios.
1. Take two Russian words - a verb and a noun. For example, the words "cook" and "candlestick". Add an arbitrary number that will be divided into two parts, for example, the year of birth of your favorite writer, say 1966, and also take any special character, for example, a question mark. Now write down everything you found earlier in the following order: the first word with a capital letter, the first two digits from the year of birth, a question mark, the second word with a capital letter, and the last two numbers. You should get something like this: "Cook19? Candlestick66". now we will type the received password on the English keyboard. As a result, your user will have the following password: “ Ujnjdbnm19? Gjlcdtxybr66". In such a password, 23 characters turned out, moreover, it is unrealistic to pick it up by brute force, and using the brute force method it will take an attacker, to put it mildly, more than one month.
2. Take any tongue twister, for example, “In the bowels of the tundra, otters in leggings are tying cedar kernels into buckets” and take the date of birth of the user's great-aunt, say, October 29, 1957. Now write down every first letter of every word in English, and write down each the second letter in upper case and between some words put one number at a time, and at the end of the password put an exclamation mark. You should get the following: " vN2tV9vG10tV19vY57k!". Again, it will be very difficult to find such a password.
3. Take any line of your favorite poem, for example, "It is not for nothing that all of Russia remembers about Borodin's day!" and write down two letters from each word in the English layout, and, for each new word, write an uppercase letter. At the end, you can put your birthday. For example, in this case you should get the following: “ YtGjDcHjGhLt
4. Take a difficult word that you remember, but that this word is not often used in colloquial speech. For example, take a word that is ashamed not to know, namely the name of the volcano that erupted in Iceland in 2010, namely: Eyjafjallajökull. There are 16 letters in this word, so we insert the year of the event after the 8th letter, i.e. 2010 and write all the words as in the previous examples in the English layout. We will receive the following complex password: “ ”Qzamzlk2010fq`r.lkm».
You can still think of a lot of different interesting scenarios. Most importantly, these passwords are not difficult to remember and are considered difficult.
There are many ways to check the complexity of the generated password. For example, Microsoft has a password checker that will let you know how strong the password you generated is. To do this, go to the Password Verifier page and enter your password in the corresponding text box. You will immediately receive a notification indicating the complexity of your password. An example of this tool is shown in the following illustration:
Conclusion
In this article, I discussed the methods of cracking user passwords, as well as how you can create a password that is difficult to crack, but which will be quite easy to remember. I hope that with the help of the four simple examples outlined in this article, you will be able to teach your users to monitor the safety of their data and create complex passwords. What scripts do you use to generate complex passwords?
Password- the only thing that truly protects all our important data from hacking. There are many ways to hack user accounts and gain access to confidential, personal, business, and financial information. This is especially true for business owners who are concerned about the security of their data. It is often enough for cybercriminals to break into the mail of one employee to gain access to important business information of an entire company. That is why it is so important to educate employees about online security, in particular, explaining what passwords are and how to create a password correctly. And this is no less important for individual users who use the Internet to communicate and make payment transactions with the introduction of their bank card details.
How to create a password and why are light passwords ineffective?
Most users do not ask themselves how to come up with a password. If you have an easy password, be sure that sooner or later you will be hacked. What is a light password and why is it so vulnerable to cracking? As a rule, this is a combination of a word and a number. Most often, users choose their last name and date of birth as a password. For example, Ivanov1976. If they plan to hack you, most likely this combination will be entered first. Any dictionary words also turn out to be ineffective, since searching passwords using a dictionary is another common attack technique. Within a few hours, the password will be cracked.
What password should I come up with? First, the long one. If your password contains less than eight characters (Latin and numbers), this means that the number of possible combinations of them is 78 364 164 096 and by brute-force combinations (using a special program) such a password will be cracked in a maximum of 9 days (if the search speed is 100,000 passwords per second). Add one more symbol and it will take an attacker 11 months. Therefore, strong passwords contain more than 8 characters that combine upper and lower case letters, numbers, and special characters.
Today, almost everyone is already aware of the need to have complex passwords for each of their accounts, but most still continue to neglect the basic principles of security on the Internet. Even the most complex password can be stolen if you lose your guard and enter your data on phishing sites (in other words, fake sites), save passwords in the browser (can be stolen by a Trojan), or download programs of dubious origin (this can be a keylogger who will steal all user-entered data). Simply put, anyone can become a victim of online scams. However, knowledgeable means armed. If you are attentive and accurate, and also know how to come up with a strong password, you can protect yourself from intruders.
How do I create a strong password?
So, we have already found out that complex passwords contain more than 8 characters. These must be upper and lower case letters (that is, small and large), numbers, and special characters.
To answer the question of how to create a password, the easiest way is to suggest using the online generator that you will find on our website. He will create for you several variants of combinations of Latin letters, numbers and symbols. The program generates passwords in absolutely random order, and you can be sure that your password will be unique. But if you want to further uniqueize it, you can replace any of the symbols with whatever you like. Of course, remembering such combinations is quite difficult, and most often the only option is to write down such a password in a notepad that will only be available to you.
Strong and complex passwords: creating
However, you can come up with a complex password that is easy to remember on your own. There are several standard scenarios for this.
1. Choose two words in Russian - let it be a noun and a verb. For instance, " curtain"And" embroider», Add to this the year of birth of your favorite writer, artist, musician. Let it be 1924
... Add any other character - for example,%. Now let's write it all together " Curtain19% Embroider24"(In any order). And finally, we write it down in Latin. It will turn out Uahlbyf19% Dsibdfnm24... It will take an attacker forever to find such a password using brute force.
2. The second way to make a complex password is take a line from a poem or tongue twister... Take two letters from each word and write in Latin, using uppercase for each first letter. This is another complex password.
3. Choose any compound word that is rarely used in speech. The more letters the better. Write it down in Latin letters, add a significant date (it will be better remembered if this word is somehow connected with this date), and break the word into two parts with this date.
There can be an infinite number of such scenarios, and perhaps with a little thought you can come up with your own. If you still do not know what password you can think of, use ours. The main thing - do not forget that you cannot tell your passwords to anyone, do not store them in your browser, in notebooks on your computer.
The VK social network has an excellent security system that protects users from guessing passwords to their pages, even if the attackers learn the logins from other people's accounts. In most cases, when an account is hijacked, the user is to blame, and one of the reasons for this is the simplest password.
What does the simplest password mean? This is a lightweight password that usually consists of just a few numbers or letters. Here are some examples of the simplest passwords:
- zxcvbn
- iphone
- 88888888
- password
- andrei
These are just a few examples, but you get the point and this is the main thing. The more complex, and therefore more reliable, the password, the lower the likelihood that the account will be opened by hackers.
How to come up with a complex password for VKontakte?
There are several different ways to come up with a password. We will consider one of the popular and at the same time operating schemes.
So, first, let's define the number of characters in the password. As a rule, experts advise using at least 8 characters, but this is the very minimum (by the way, many users use a 6-digit password at best). And although 8 characters is the minimum length of the recommended password length, the actual number of characters in it should be at least 10-12. Tell me, is that a lot? But the security of the account is hundreds and even thousands of times higher.
Now let's start creating a password. Remember, it must contain both numbers and letters of different case and even special characters.
The easiest option is to take some Russian word and write it in the Latin layout. For example, the word smartphone on the English layout it looks like this - cvfhnajy... This word has 8 characters. Few? Wait, we're not done yet.
So the word cvfhnajy... To it we add a figure, for example, some memorable one. Let it be the number 201. We get the word cvfhnajy201... Just in case, we write the password with a capital letter to complicate the task for attackers and get Cvfhnajy201... Enough? No, you need to add special characters, for example * ... Now our password looks like this - Cvfhnajy201 *, as many as 12 characters, while the password itself is complex and easy to remember. Of course, it is given as an example and we strongly do not recommend using it - come up with your own, good, it's simple.
By the way, the password itself, just in case, you can write down somewhere in a notebook or notebook, and remove the latter as far as possible from human eyes.
Welcome to the blog site! I have long wanted to write an article about what the password for an account should be so that it would be very difficult to crack it. This article will show you how to create a strong password. We will discuss techniques that will help not only make your password safe, but also not difficult for you to remember.
Now we can no longer imagine our life without the Internet. Almost every site asks for registration. The most popular resources are social networks. Every day, millions of users are authorized in their accounts. We run the risk of making a lot of mistakes by sending important data in messages. It's good when there is a complex password for VK or another popular social network, it helps to protect yourself from intruders.
Several methods to complicate the password
What should be the password? This question is being asked by hundreds of Internet users. There are the following types of passwords:
- alphabetic;
- symbolic;
- digital;
- combined (a combination of the previous options);
- use of register.
The first three are not credible. These are too easy ways to create a password. Out of inexperience, we make mistakes and set them up. Okay, this will be a "password" for an account on a forum or other similar place. And, if this is the entrance to the bank's office, all your money will be lost. The only thing that saves is that the security service of such sites has developed a system to reject light passwords.
Letters, numbers and symbols
A combination of letters, symbols and numbers is the safest kind of password. You need to seriously break your head to guess it.
Experienced "users" advise beginners to use this particular combination. Also, don't make it too short. A long combination will keep your data and correspondence safe from third parties.
The main thing is not to use the banal phrases below:
- "123";
- "123456";
- "321";
- "Qwerty";
- "Asdfg".
These and other similar sets of characters from the keyboard are guaranteed to be hacked. Not only they come to your head first, but hundreds of people. They will be calculated not even by a special program, but usually by an ill-wisher.
How to choose a password for mail or other type of authorization? This issue is worth tackling on your own. Several more options for complicating the password will come to the rescue.
Register
Before entering your username and password, you should pay attention to the case-sensitive case of some forms. Combining uppercase and lowercase letters will make your password more secure.
When composing a secret word, think about its variety. Alternate uppercase and lowercase letters one or more at a time. This method will seriously upset online villains.
The most annoying thing is if you yourself forget the order. According to the recommendation of experienced users, it is worth making the first character uppercase, the second lowercase, and then alternate one by one. It is better to take note of this advice, so as not to rack your brains later.
It is possible to do without the introduction of register features into the "password", but this is still another method to increase the password complexity.
Shifters
The date of birth that any user will remember is the most banal and simplest way. If you beat it correctly, it can turn out to be a good option. Using the "flip", many have managed to create a winning password that is unlikely to be solved.
The method is based on writing characters in reverse order. Choose any date, for example, when you were born and type the text in reverse. If you have conceived the phrase "081978", then turning it over, we get "879180". It is quite easy to remember how such a password is written.
Consider other more complex ideas as well. Let's say your password is based on your first and last name. We type, already knowing the technique using the register - "PeTrPeTrOv". Now we will apply the tactics of "shifters". We apply the date, for example, when the user was born - February 21, 1982. Plus we add symbols to everything. At the end, we get the following example of a password - "PeTrPeTrOv! 28912012". The result turned out to be overwhelming, because for the "user" it is simple and easy, but not for the intruders.
Check the strength and security of your password using online services:
- https://password.kaspersky.com/en/
- https://howsecureismypassword.net/
Encryption
What should be the password? Let's find out another great way. We will consider the principle of encryption. In fact, all the methods discussed earlier have something in common with this. Here we will show what passwords are by encrypting phrases.
We take the most meaningless and unique phrase that will easily be memorized. Let there be "space cockroaches". You can use any lines from songs and poems, preferably not very famous.
Then we apply a cipher to our phrase. Let's consider several correct ways:
- rewriting the Russian-language word in the English layout;
- "Changeling";
- replacing letters with symbols that look similar (for example, "o" - "()", "i" - "!", "a" - "@");
- removing paired or unpaired characters;
- throwing out consonants or vowels;
- addition with special characters and numbers.
So, let's think of a few words with the meaning - "space cockroaches". We take 4 letters from each, we get "kosmtara". Switch to English and retype "rjcvnfhf". Complicating it by starting the cipher with a capital letter and adding symbols.
This is what the password should look like using the example of the originally conceived phrase - “ [email protected]».
A reliable combination with a lot of symbols was invented. Password strength is checked using special services, for example, passwodmetr.com. The combination, as we managed to do not just guess the scammers, because the user's personal data is not involved. But for the "user" such a "password" is a godsend, since remembering such a strong password will not be difficult.
Generator
For those who do not want to spend too much time thinking, developers have long invented generators of complex passwords. This method provides some degree of reliability. The best are still considered "passwords" invented by their own mind.
What is a generator and how do I use it? This is a clever program that displays random passwords - combinations that have come out at random. He uses many of the methods discussed, but does not take into account the "flips".
The complex password generator is downloaded from the network. For example, let's take "keepass". Like any other generator, it is not difficult to work. The application and the generation itself are launched by pressing a special button. After the performed operation, the PC issues a password option. The only thing left to do is to enter the resulting combination in an unchanged form or with additions.
Difficult passwords invented by an iron friend are very difficult to remember. Few people keep them in mind, more often they have to write them down. There are usually a lot of passwords, because we do not sit on one site and constantly register again and again on other resources. Therefore, it is not convenient for everyone to store a bunch of such information. You can completely lose all the papers with notes.
There is one way out with storage - to print them in a computer file. This is one of the safest cases. One has only to remember that the PC system is not eternal and also deteriorates.
All methods of creating complex passwords have already been discussed above and you can create an email password that will reliably protect your data from third parties.
Here are some useful tips for creating passwords:
- not to mention personal information about the user (name of relatives, nicknames of pets, phone numbers, addresses, dates of birth, etc.);
- you cannot use the Cyrillic alphabet in the password;
- do not use phrases that are easily calculated using a dictionary of popular passwords (yastva, love, alfa, samsung, cat, mercedes and others like them, as well as their other derivatives and combinations);
- take into account the length of characters - preferably at least 10;
- complicate the password with a combination of various methods - upper and lower case letters, numbers, symbols;
- do not use the most frequent passwords - patterns, think in an original way (a robot that calculates your password cannot be as smart as a person).
