By Peter LaSorsa
I have been asked a few times by attorneys, clients and just friends who know I handle technology issues the same question — how long should my password be? The answer is... it depends on whether you want a guaranteed secure password or one that is probably secure. At one time, if you had a six-to-eight string of numbers and letters, your password was considered secure. However with the increase in computer processing and the advances in cryptic code-breaking software the new six-to-eight is 12.
Why 12? Well, recently researchers at the Georgia Institute of Technology focused on the issue of password security and they determined that with current technology it would take the bad guys 17,134 years to break a password of 12 characters. Bad news if you are planning on living for 18,000 years but good news for the rest of us. In case you are wondering, an 11-character password can be broken in 180 years. And you can imagine how drastically it decreases from there. I know, 180 years is plenty so why the overkill. Technology is increasing at a rapid pace and although the numbers I am giving are true today, they will come down severely in the next few years. So the idea is to build in room for new technology and advances by the bad guys.
The researchers believe the best password is an entire sentence, preferably one that includes numbers or symbols. Why an entire sentence? I know many people have been taught that words are weak for passwords but here is the logic. A sentence is both long and complex, and also easy to remember.
ISBA Development Site
This website is for ISBA staff use only. All visitors should return to the main ISBA website.