With just about every merchant and service on the Web requiring a password, it’s very tempting to use one, easy-to-remember word or phrase across all of them. Hackers know this, and it’s one of the reasons they’re able to hijack accounts so easily. If a hacker determines the password you use for, say, your Facebook login, he’ll likely try it on your bank account too. For this reason, among others, it’s vital to use different passwords for each service you use. Yes, it requires some extra work to keep track of them all, but it’s a far more pleasant experience than having your bank account drained.
However, using the above strategy won’t help you much if your individual passwords are easy to guess or crack. One common, simple-to-execute method for cracking passwords is what’s known as a “dictionary attack.” A dictionary attack is a type of brute force attack, whereby the hacker, using a computer program, tries all the words in the dictionary from A-Z in rapid succession until he finds the one that works. However, this isn’t your typical desktop reference dictionary. It also includes lists of proper nouns like common first names, names of celebrities, fictional characters, movie titles, sports teams, cities, common pet names, well-known quotes, and the like.
In order to thwart this known method, create passwords that don’t appear in such a dictionary by adding numbers and symbols to strings of characters. For example:
Weak password: Travolta
Stronger password: 3Trav#olta1547
Very strong password: 3pnle#r5th!po34
Generally speaking, the longer the password, the stronger it is, since each character is one more variable that the hacker must determine. But IT’S ONLY STRONG IF IT’S NOT EASY TO GUESS, so don’t choose something like “fourscoreandsevenyearsago” either.