Strong Passwords

When securing a document with a password, the password is a major factor in the security scheme. The security of the document depends on:

• password length
• password complexity
• password protection

You control password length, complexity and protection and are therefore in control of how secure you are protecting and sending the document!

EncOffice: Easy and Safe Encryption of Word documents Adds a "Safe Encrypted" button to the Word toolbar Helps to choose a strong password Makes encrypted copy of the original document with extension ".enc.doc" You can open the encrypted document with a standard Word version  Learn More

Strong Passwords

1. Is there something like a 100% secure password?
   
2. How do password crackers work?
   
3. What are WEAK passwords:
   
4. How much time is needed to crack a password?
   
5. How to make a strong password:
   
6. The final challenge: Protect the password!
   

Is there something like a 100% secure password?

How do password crackers work?

• password guessing (see section on weak passwords)
• dictionary attack (trying all words from a dictionary list, e.g. list of names)
• brute force attack (if nothing else works: try every possible combination)

What are WEAK passwords:

• The use of a given name (your partner, child, pet animal) as a password is considered weak, e.g. kelly, sue, billy. Anyone who knows you is able to guess your password!
• Simple words or given names combined with the numbers of the month are considered weak as well, e.g. welcome1, july04. These can be guessed.
• Short passwords (less than 5 characters) are weak because the number of possible passwords is limited. These short passwords can be cracked within seconds.

How much time is needed to crack a password?

Click here to read more about password crack times

How to make a strong password:

• Make a password at least 10 characters long, the longer the better.
• Use characters from different groups.
  Strong passwords contain characters from these character groups:
  • Lower case characters, e.g.
    a, b, c, d, ....
  • Upper case characters, e.g.
    A, B, C, D, .....
  • Numbers, e.g.:
    1, 2, 3, 4, 5, ....
  • Symbols:
    These are the characters you normally do not use in text, e.g.:
    ` ~ ! @ # $ % ^ & * ( ) _ + - = { } | [ ] \ : " ; ' < > ? , . /
• Do not use the same password over and over again and do not use it to secure different things! At least do not use your hotmail password to secure your company information.

Suggestion how to make a strong password:

• Think of a memorable short sentence:
  For example:
  running the half marathon was hard but fun
• Take the first characters from each word and combine them to make a non existing word:
  rthmwhbf
• Check this word does not accidentally resembles an existing word, name, etc.
• Introduce some misspellings, numbers and symbols in such a way that you can still remember the original sentence:
  In our example I have replaced h with 1/2. I replaced the letter h from hard with h!, because it was really hard!. I changed the letter b with b@ as it resembles the word but.
  rt1/2mwh!b@f
• Change some of the characters with upper case symbols:
  rT1/2mwH!b@f
  

The final challenge: Protect the password!

• Never write the password down near your computer desk
• If for some reason you have to write the password down, store the paper with the password in your wallet with your valuables
• Don't send an e-mail with both the protected document and the password.
• Communicate the password and the protected document via different media.
  E.g. Send the protected document by e-mail and the password by phone.