If you own a computer, or other electronic device in this day and age, you’ve probably had to create a password, if not many passwords.  It’s inevitable that in today’s modern world of computing and technology, that you’ve needed to create at least some password which you’ve inevitably forgotten, lost, or had to update for security reasons.  But why these passwords are needed, and how you can make them easy to remember and secure can be difficult, if not down-right frustrating.  That’s why we wanted to help explain how Managed Services, and other various methods can help in your effort to remember your password(s), and keep them secure.

It’s easy to understand why passwords are important with technology today.  Passwords keep our secure data safe, and without passwords many of the technology we use today simply wouldn’t work.  So how does a password work to keep your data safe?  A well-known security company Wordfence explains that when you create a password for your bank account, or your Facebook account for example, what happens is the password is hashed into a series of numbers, and characters.

Hashing can be thought of as an algorithm.  It takes the set of input characters, and translates them into a longer string of numbers and characters in a seemingly random context.  Only your plain-text password is able to bring about the correct hash from the stored database of hashed passwords.  There are various types of hashing which have various levels of security.  Upon entering a password, the hashed result can depend on the type of hashing algorithm being used.  Two popular types of hashing are known as MD5, and SHA2.

  • MD5 hashes your input password into a 128 binary digit hash.
  • SHA2 hashes your input password into 256 binary digits.

The longer the amount of digits, the more combinations a hacker would need to try in order to guess your password.  An extra layer of security was added to hashed passwords as well, known as ‘Salts’.

A ‘salt’ is an extra level of random characters added to your hashed password.  Adding a salt to your hashed password not only adds more digits to the password, thus increasing the amount of time it would take to guess your password, it also adds these characters in a pre-configured way that randomizes the location of these digits.  Hence, if a hacker got a hold of the password database they would also need to figure out what salt method is being added to each password.

As more characters are added, it takes longer and longer for a computer to guess what the password is.  For example, a 4-digit password only has 10’000 possible combinations that can be guessed by a computer.  A computer can simply guess your 4-digit password by trying each combination until it gains access.  As you increase the length of your password, you are increasing the amount of digits in which a computer has to guess for your password exponentially.

This is why a secure password is as much about length, as it is about random assortment of numbers, characters, and special characters. The organization Stay Safe Online recommends that you make your password a sentence.  A sentence is easy to remember for humans, but for computers it makes guessing your password much more difficult.

There are a variety of methods, and tools that you can use to help you not only remember your password, but also can help you create secure passwords as well.  Our managed IT services team uses a useful password tool known as LastPass.  LastPass is a unique tool that allows you to keep your passwords stored and secured in a vault, only accessible with your master password.  This helps you to keep track of your passwords, and helps if you have a lot of passwords that are easily forgotten.  This tool comes with a password generator as well, which you can use to create secure, random passwords based on a number of options you set.  There are a variety of tools similar to LastPass which you can find online, that can help you store and keep track of your passwords securely.