YbotMan Blog

Passwords: Best Practices

August 13, 2019


Stop trying to remember them. You can't, because you are HUMAN. Every password you use (I have 153 logins now) should be fundamentally different and random, not just a variation on another one. Any password that you think is sneaky is easily broken by a hashing computer.

Don'ts

Don't use any word in your password, or anything spelled backward. Don't use an extension of 01, then 02 later on. Don't substitute $ for S, @ for A, or 3 for E. Don't let Safari, Chrome or Firefox be your password database. Don't let your iPhone browser do it, and don't even think about your Android (especially if it is Chinese manufactured). You cannot be sneaky enough to fool even the basic hacking of computers.

How do computers hack your accounts?

1) password brute force

Computers can literally keep guessing at super speed if they have the encrypted “hash” password of your account. So, how hackable are hashed passwords? With reasonably cheap 'GPU' computers, unbelievably easy. If your password is under 8 characters, even microseconds. If you have a large password of around 14 characters (upper, lower and number), maybe a few hours. If you have a mega-size 20 with upper/lower and special characters, a much, much longer time: current brute force is years to thousands of years. But that's today. Are you going to remember a 20-character random upper/lower/number/special password? Seems unlikely. So make your passwords really big (more than 15 characters).

2) password hash comparison

3) key stroke copiers

Here's what you have to do: each password should be more than 25 characters long and purely random, not a 'sounds like'. So, *#84jdFH@)39fHDHfiu\egl{#lq4Ma435#|5 is a good password for your bank and only your bank (well, don't use that one). Every other one should be different, and different in size as well.
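One way to produce passwords of the kind described above, as an added example that is not from the original post. It assumes a 94-symbol printable-ASCII alphabet and a length range of 26 to 40 characters; the site names are constructed.

```python
import math
import secrets
import string

# Assumed alphabet: the four character classes the post mentions.
CLASSES = (
    string.ascii_lowercase,
    string.ascii_uppercase,
    string.digits,
    string.punctuation,
)
ALPHABET = "".join(CLASSES)  # 94 printable ASCII symbols


def generate_password(min_len=26, max_len=40):
    """Return a random password whose length is itself random in [min_len, max_len]."""
    if min_len < len(CLASSES) or max_len < min_len:
        raise ValueError("need len(CLASSES) <= min_len <= max_len")
    length = min_len + secrets.randbelow(max_len - min_len + 1)
    while True:
        # secrets draws from the OS CSPRNG; the random module is not suitable here.
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        # Redraw the whole string if a class is missing, rather than patching
        # characters in, so every accepted password stays uniformly distributed.
        if all(any(ch in cls for ch in candidate) for cls in CLASSES):
            return candidate


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Upper bound on entropy of a uniformly random string: length * log2(size)."""
    return length * math.log2(alphabet_size)


def passwords_for(sites):
    """Give every site its own independent password; nothing is shared or derived."""
    return {site: generate_password() for site in sites}


if __name__ == "__main__":
    # Constructed site names, for illustration only.
    for site, pw in passwords_for(["bank.example", "mail.example"]).items():
        print(f"{site}: {len(pw)} chars, ~{entropy_bits(len(pw)):.0f} bits")
    print(f"8 chars, lowercase only: ~{entropy_bits(8, 26):.0f} bits")
```

The generated values are meant to go straight into a password manager entry, never to be memorized or reused.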

Get a password manager. Just do it today: LastPass, Password1, Keeper, DashLane, Sticky, and many more options. Don't try to figure out which one is better; go by which logo seems the best to you. There are minor differences, and none are perfect, AND they all are a little bit of a pain, but accept it and do it. I use LastPass, and while it's a pain, I use it everywhere. I mostly love it. My banks, my gmail, xfinity, apple id, facebook, soundhound, grocery store points, bookstore points, coffee online, amazon, and 135 more accounts to date. I don't know any of them. I took a couple of weeks to find and change all the passwords I had. Every now and again, an old one pops up. I instantly convert it to a random password and use the password manager.

Now, I have to be able to remember my LASTPASS account password, my password to my ScreenSaver on my computer and laptop, and my unlock code on my phone. That's it. EVERYTHING else I don't know.

Yes, I still might be hacked. I won't tempt fate. There are some pretty smart and diligent folks out there and there are always ways. Machines will get faster, people get better techniques. I could get a key-logger virus from North Korea. I may have to use a machine at an airport sometime. No system under today's technology is immune. But it is unlikely that some big farm of GPU-based computers will successfully hack my password via brute force or a HASH attack. And even if they do, the next password is just as difficult to get.
