📖 Password Basics
What Makes a Strong Password?
A strong password is your first line of defense against unauthorized access to your accounts. Understanding the characteristics of a secure password is essential for protecting your digital identity.
Key Characteristics of Strong Passwords:
- Length: At least 12-16 characters (longer is better)
- Complexity: Mix of uppercase, lowercase, numbers, and symbols
- Unpredictability: No dictionary words, names, or common phrases
- Uniqueness: Different password for every account
- Randomness: No patterns or sequences (like "123456" or "qwerty")
Weak vs. Strong Password Examples
See the difference between passwords that can be cracked in seconds versus those that would take years.
| Weak Password | Why It's Weak | Strong Alternative | Time to Crack |
|---|---|---|---|
| password123 | Common word + simple numbers | P@5sW0rd!2#Xy9$ | Billions of years |
| john1990 | Personal info (name + birth year) | J#9n2$Kl!90pQ | Millions of years |
| qwerty | Keyboard pattern | Qw3@Rt!9#Yp2 | Billions of years |
| iloveyou | Common phrase | !L0v3@U2#Xy9 | Millions of years |
| 12345678 | Sequential numbers | 1@2b3#C4$d5E | Billions of years |
| letmein | Common phrase, all lowercase | L3t@M3!n#9Xz | Millions of years |
What Is a Weak Password?
A weak password is one that can be easily guessed or cracked by hackers using common techniques. Here are the most common types of weak passwords:
❌ Common Words
Dictionary words, names, places, or common phrases are easily cracked using dictionary attacks.
Examples: password, admin, welcome, sunshine
❌ Personal Information
Using birthdays, names, addresses, or other personal data makes you vulnerable if someone knows you.
Examples: john1985, fluffy123, mybirthday
❌ Sequential Patterns
Number or keyboard sequences are the first combinations attackers try.
Examples: 123456, abcdef, qwerty, asdfgh
❌ Short Passwords
Passwords under 8 characters can be cracked quickly through brute force attacks.
Examples: pass, 1234, abc123
❌ Reused Passwords
Using the same password across multiple sites means one breach compromises all accounts.
Risk: One breach = all accounts vulnerable
❌ Simple Substitutions
Basic substitutions like "3" for "e" or "0" for "o" don't fool modern cracking tools.
Examples: p@ssw0rd, l3tm31n
How Passwords Are Cracked
Understanding how hackers crack passwords helps you create better ones:
🔓 Common Attack Methods:
- Brute Force: Trying every possible combination until the correct one is found. Short, simple passwords fall quickly.
- Dictionary Attack: Using lists of common words, phrases, and passwords from previous breaches.
- Credential Stuffing: Using stolen username/password pairs from one breach to access other accounts.
- Social Engineering: Tricking you into revealing your password through phishing or manipulation.
- Keyloggers: Malware that records everything you type, including passwords.
The Math Behind Password Strength
Understanding the mathematics helps explain why longer, more complex passwords are better:
- Lowercase only (26 characters): 8-char password = 208 billion combinations
- + Uppercase (52 characters): 8-char password = 53 trillion combinations
- + Numbers (62 characters): 8-char password = 218 trillion combinations
- + Symbols (95 characters): 8-char password = 6.6 quadrillion combinations
- All types, 16 characters: 44 decillion combinations (44 followed by 30 zeros!)