Before we go into the details of which elements constitute a secure password, we should know the basic principle underlying the password-cracking process. Basically, cracking is done by brute force: software is run to guess a password by trying a series of common words and phrases in various combinations.
Some time ago, if you had a password that looked like “B34r&!BxG”, you stood a better chance of surviving a cracking attempt. The key to creating a secure password is not just its length but also the use of non-traditional characters in it.
However, as time goes by, the software used to crack passwords has become more sophisticated. It can check thousands of common words in combination with various appendages, including all two- and three-digit combinations, single symbols (like $), dates from 1900 onwards, and a few more. This software can also check typical hacker-speak substitutions such as “3” for “E”.
So, what does a secure password look like, I hear you ask? According to Bruce Schneier, a writer of some of the most influential books on computer security and cryptography ever printed,
The trick is to put your “appendage” (or two of them) in an unusual place: Either in the middle of the root or at both the beginning and the end.
Schneier’s example is to use a word that you can pronounce but which is spelled “wrong”: armwar or pitchsure or baysball are all examples. Then attach your appendage(s): arm9!9war or 1066pitchsure6601 or bay1776sball. It shouldn’t take much effort to commit any of these to memory.
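To see why appendage placement matters, here is an added example (not from the original article or from Schneier) of a password-audit check that flags the "common word plus appendage" shape described above. The wordlist, the substitution table beyond "3" for "E", the single-digit appendage and the function name are assumptions made for illustration.

```python
import re

# Constructed sample wordlist; a real audit would load a large dictionary.
COMMON_WORDS = {"bear", "password", "baseball", "picture", "dragon"}

# "3" for "E" is the article's example; the other substitutions are assumed.
LEET = str.maketrans({"3": "e", "4": "a", "0": "o", "1": "l", "5": "s",
                      "$": "s", "@": "a"})

# Appendages named in the article: two- and three-digit combinations,
# years from 1900 onwards, or a single symbol. A single digit is also
# accepted here (assumption, not stated in the article).
APPENDAGE = r"(?:19\d\d|20\d\d|\d{1,3}|[^A-Za-z0-9])"
# Optional appendage at the start, a root, optional appendage at the end.
SHAPE = re.compile(rf"^({APPENDAGE})?(.+?)({APPENDAGE})?$")


def guessable_root(password, words=COMMON_WORDS):
    """Return the dictionary word the password reduces to, or None.

    Checks the whole password and the root left after stripping a leading
    and/or trailing appendage, undoing the substitutions in LEET each time.
    """
    m = SHAPE.match(password)
    candidates = [password] + ([m.group(2)] if m else [])
    for cand in candidates:
        root = cand.lower().translate(LEET)
        if root in words:
            return root
    return None


if __name__ == "__main__":
    # Constructed samples, followed by the three examples quoted in the article.
    samples = ["bear1987", "B34r!", "$dragon99", "passw0rd",
               "arm9!9war", "1066pitchsure6601", "bay1776sball"]
    for pw in samples:
        hit = guessable_root(pw)
        verdict = f"reduces to '{hit}'" if hit else "no dictionary root found"
        print(f"{pw:20} {verdict}")
```

A password that passes this check is not thereby strong; the check only shows that a misspelled root and a mid-root appendage fall outside the simple word-plus-appendage pattern.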
If you do business online, where a secure password is your utmost priority, I’m sure you will not take this issue lightly. Even if you don’t do business online, I’m sure it will annoy you to know that somebody has got into your Yahoo! mail and is rummaging through your private emails. The bottom line is: better do something about this before it’s too late.