How to Choose a Password
Techquickie · 2017-05-06
0:00
when you really stop and think about it we live in a depressingly insecure
0:04
unsecure both of them probably world
0:08
chances are the only thing standing between your stuff and a bad guy are
0:13
some very shatterable windows you're only a few feet from hitting another car head
0:18
on when you drive down the street and your private conversations and finances
0:22
are kept safe online by a short string of characters I mean I'm not trying to
0:28
make you feel afraid or paranoid or anything but what I am trying to do is
0:32
highlight the importance of password security many people are unaware that
0:38
simply putting a password on something does not make it all that safe
0:43
especially as lots of commonly used passwords are about as secure as a
0:47
screen door in a hurricane I mean
0:51
obviously passwords like qwerty, 1234,
0:55
and the name of your favorite sports team are horrible choices because
0:59
they're incredibly easy to guess but if
1:02
you pick something that's obscure and difficult for someone who doesn't know
1:06
you well to divine does that necessarily
1:10
even mean that safe well that all
1:14
depends on the way passwords are stored
1:17
secure websites hash your password
1:20
meaning that it is passed through an algorithm that is extremely difficult to
1:25
reverse with the output being what's stored on the server the problem though
1:31
is that because many sites use the same algorithm such as the one in the
1:35
commonly used SHA series an attacker can
1:39
run lots of common and/or short passwords
1:42
through the hash quickly and then compare that to hashed passwords stored on
1:47
a server to see if any of them match and
1:51
even though this can be prevented using a technique called salting which adds a
1:56
random numerical string to your password before running it through a hash many
2:02
secure websites don't bother salting
2:06
meaning it can actually be quite easy for an attacker to guess your password
2:10
with brute force which means simply trying as many passwords as they can
2:15
until one works in fact most eight
2:18
character passwords can be cracked in only a couple of days using this method
2:22
with a reasonably powerful modern PC fortunately though the solution is
2:28
actually quite simple you use longer passwords having a pseudo random
2:33
password with just 12 characters instead of eight means it could take thousands
2:38
of years for someone to brute force your password instead of a couple days and if
2:43
they eventually do succeed you'll probably be too dead to care of course
2:48
you also want to make sure that your longer password doesn't incorporate
2:52
other common password mistakes even a
2:55
long password made up of shorter dictionary words or containing repeated
3:00
strings of characters can be vulnerable due to those individual elements being
3:05
easier to guess so while length is probably the most important variable the
3:11
best thing to do is to use long passwords made up of random characters
3:16
including symbols but Luke I guess the
3:20
script was written for him how am I going to remember a huge password with a
3:24
bunch of pound signs and colons in it
3:27
well there are quite a few password managers out there that not only store and
3:32
autofill your passwords but also generate pseudo random passwords quickly
3:37
so you can use a different one for every site just make sure that whichever
3:42
password manager that you're using stores all your passwords with heavy
3:46
encryption including salting and yes
3:50
there is a reason I keep saying pseudo random by the way instead of random
3:54
software random number generators that pump out random passwords can never be
3:59
truly random as they work by performing operations on a small initial number
4:04
called a seed which introduces slight bias for certain characters of course
4:10
for the purposes of creating a secure password this bias is negligible for
4:14
most users so don't worry about that too much because after all in a universe
4:18
where every action has some kind of a consequence can anything be truly
4:23
random whoa speaking of whoa audible.com
4:28
is the leading provider of audiobooks with more than
4:32
180,000 I mean imagine that for a second
4:36
180,000 downloadable titles across all types of literature including fiction
4:40
non-fiction and well I mean that pretty
4:44
much covers it it's either about a real event or it's not or maybe it's
4:48
somewhere in between audiobooks are great to listen to when you are I don't
4:52
know stuck in traffic on the subway um I
4:55
even had one of our viewers say that he listens while on his forklift at work
4:59
please don't do that there are plenty of other great options like working out at
5:04
the gym forklift drivers please have some awareness around you and for our
5:08
audience members audible is offering a free 30-day trial just head over to
5:13
audible.com tequ we've got that linked in the video description and browse the
5:16
over 180,000 audio programs I guess
5:20
that's in there twice good job Colton download one title for free and start
5:25
listening it's that easy to try out the service they got all kinds of great
5:29
stuff including if you haven't had enough Star Wars and like you watch the
5:33
movie like six months ago and you're like when's more Star Wars coming you can check out Star Wars Bloodline New
5:38
Republic by Claudia Gray which takes place before episode 7 it might give you
5:42
a little bit of insight into like some of the stuff that happened where you're
5:46
like who are these people why do they know each other what are they
5:50
saying so check it out and get a 30-day free trial at
5:53
audible.com tequ thanks for watching guys if you like this video boom if you
5:58
disliked it boom boom if you want to check out our other channels boom if you
6:02
want to comment with a video suggestion boom and if you want to subscribe and follow come on
6:07
subscribe or
6:10
follow yes