Passwords. Easily Explained.
It has to be longer than 8 digits.
It has to have capital letters.
And don't forget numbers and special characters.
And now, don't forget it.
But never write it down!
And please change it once a month of course.
For every device and account a new one.
Phew! Why does this "password thing" always have to be so complicated?
How is it possible to come up with a password that is safe and easy to remember?
For this purpose, it's good to understand how a password works
and how it's cracked.
You can imagine a password like the digits for a combination lock:
And just like the digits here
it's important that you don't use a combination
that is easy to guess.
Like your birthday.
Or the name of your friend, child, pet.
Researching these on the web is quite easy.
The big difference to a combination lock is
that the hard work of trying combinations can be done by a computer.
If a machine tries to guess your password online
it hopefully gets blocked after a couple of tries.
But if that's not the case,
when a database gets stolen
for example,
the computer will have direct access to the lock.
Then even an old notebook
can try billions of passwords every second.
And of course the attackers start with a list of the most frequently used passwords.
And then try every single word in any language
slang and with variations by using dictionaries
and encyclopedias. That only takes a couple of seconds.
This is the reason why you should use an
"uncommon combination" of
letters, numbers and special characters.
Then the computer has to "manually"
try out every single combination.
This is called a "brute force attack".
And if your password has 10 letters
it only takes a couple of hours
until the combination is cracked.
But if you just add one more letter
it will take as long as twenty days.
Because with every digit that you add, time increases exponentially.
Five more digits
and even ten computers need more than 2 400 years
to crack your password.
If you extend the "lock" also
by making the "wheels" larger,
by adding capital letters and numbers,
those ten computers would need around 1.1 billion years
to crack a password with 15 digits.
Unfortunately
"nzb6Xrtc57l1mnk"
is so hard to remember.
That's why it's helpful
to think of a "passphrase"
instead of a password.
Because phrases are easier to remember -
and usually longer than words.
For example
"30dividedby10=Three"
or:
"A Passphrase features more security > a Password"
or simply:
"This is my Passphrase for E-Mails".
With these you will have more than 15 digits
small and capital letters
and in most cases even special characters.
Cracking such a passphrase with "brute force"
takes at least a couple of thousand years.
Yet you can easily remember it.
Alright. Have fun coming up with your own phrases ;-)
Because you shouldn't use the examples from this video
alright... that's enough.
It's enough.
Thank you for watching.
You can find more info and references
concerning passphrases
in the video description.
I will stop talking now.
...