Eight or more characters, special characters, upper case letters, lower case letters, and numbers. Password requirements can seem strange and may result in passwords that are hard to memorize. There are reasons for strict password requirements, and there are ways to make stronger passwords without relying on a sticky note with the password under your keyboard, which undermines security. Here are a few details about password security to help you understand why the system is the way it is, as well as ways to make your password management more efficient.

The Battle Against Brute Force

There are many ways to gain access to a system. Stealing or guessing the password is one of the more basic methods, and without strict password requirements, websites would be compromised constantly through passwords that are too easy to guess.

One of the oldest password hacking techniques still in use is the brute force dictionary attack. This attack tries to force its way into a system by trying every word in the dictionary as a password. It works by automatically filling in and entering each password.

Security professionals quickly figured out the technique and created security suggestions, but suggestions don't stop random users from ignoring the rules. Instead, systems began to enforce additional rules, which gave dictionary attacks more work to do.

Brute force attacks evolved with these higher requirements, with skilled hackers figuring out ways to try different combinations of letters and numbers. Stricter requirements buy more time for an attack to be discovered and shut down, and the more complex the password, the harder it is for hackers to get a quick victory.

What Complex Really Means

According to some systems, a complex password properly mixes letters, numbers, and special characters (!@#$%^&*) while avoiding common words or phrases. This means not using dictionary words without some form of letter swapping or replacement, a rule that also applies to the user's name, the company name, and any details related to account information.
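The rules above can be written as a small policy check. This is an added example, not code from any particular system; the word list, the letter-swap table, and the function names are constructed for illustration. It goes one step beyond the rule as stated: words are also rejected when disguised with common letter swaps, because guessing tools try those swaps as well.

```python
import re

# Constructed sample word list; a real deployment would load a large
# dictionary and a breached-password list instead.
COMMON_WORDS = {"password", "welcome", "dragon", "monkey", "letmein", "summer"}

# Common letter swaps that are undone before the dictionary comparison.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})

def normalize(text):
    """Lower-case, undo letter swaps, and keep letters only."""
    return re.sub(r"[^a-z]", "", text.lower().translate(LEET))

def check_password(password, user_name="", company=""):
    """Return a list of policy violations; an empty list means accepted."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    classes = {
        "lower case letter": r"[a-z]",
        "upper case letter": r"[A-Z]",
        "number": r"[0-9]",
        "special character": r"[^A-Za-z0-9]",
    }
    for label, pattern in classes.items():
        if not re.search(pattern, password):
            problems.append("missing " + label)
    plain = normalize(password)
    for word in sorted(COMMON_WORDS):
        if word in plain:
            problems.append("contains dictionary word: " + word)
    for label, value in (("user name", user_name), ("company name", company)):
        # Check each part of the name (at least 3 letters) separately.
        for part in re.split(r"[^A-Za-z0-9]+", value):
            token = normalize(part)
            if len(token) >= 3 and token in plain:
                problems.append("contains " + label + ": " + token)
    return problems
```

A password such as "P@ssw0rd!" satisfies every character-class rule yet is still rejected, because it reads as "password" once the swaps are undone.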

To some people, complexity means a password that the human mind can't remember. For a brief time, some passwords became a random string of numbers and special characters, which was hard to remember. Unfortunately, such a string wasn't that much harder to break into than a combination of 2 or 3 words. To computers, it's all just characters that are entered in a random sequence.

Instead of trying to figure out your own system, a password manager can help you control the chaos. Password managers create passwords for different websites, ensuring that a stolen password at one website won't become a key for easy access at other websites.

You still need a master password, but this password comes with its own security in case someone manages to break into your computer. Speak with a password management professional or visit a website like Joinesty.com to discuss password security and the need for complexity in a changing technology environment.
