If special characters are not allowed in a password, what hints do you have
to make the most secure password?
In this excerpt from
Answercast #34, I look at the most important technique for making a safe
A secure password
That’s actually pretty easy. (It’s also unfortunately, fairly common. I’ve seen a number of sites that restrict your password to only letters and numbers.)
- The answer’s pretty simple: just make your password longer.
Where you might be tempted to enter in only eight characters or perhaps ten, add a couple of more: go for twelve or fourteen or sixteen. It doesn’t have to be even numbers. Go for fifteen if you like.
The important thing here is that:
- Length matters more than other techniques we’ve been introduced to to make sure our passwords are strong.
It’s been theorized that an eight-character password that has completely random characters in it (including special characters) is technically less secure than, say, a ten-character or twelve-character password that has only alphanumerics in it.
So simply make your password longer.
Now, unfortunately, and I’m seeing this from time to time as well:
- Some services don’t allow you to have an arbitrarily long password.
There’s actually no reason for that – no technical reason for that and yet some of systems have that. If you’re limited to an eight-character or ten-character password, then:
Maximize the length of your password to as long as that system will accept, and then
Make sure to use as many different kinds of characters as they do allow.
But, in general, if you can get yourself up to 12 characters, I’m actually OK with you using only alphanumeric characters.
Next from Answercast 34 – My machine crashes randomly and it’s not overheating, what else should I look at?