Microsoft Word has many hidden symbols and foreign language letters that can
be accessed by using the Alt key and three or four keypad numbers. Can these be
used to create a more difficult to crack password?
In this excerpt from
Answercast #97 I look at the added safety that may come from using bizarre and exotic characters in a password.
Exotic characters for strong passwords
Well, the short answer is yes, but the real answer is no. And let me explain why.
First let’s talk about what those characters are. You and I are used to a character set that consists of 26 letters, upper and lowercase, ten digits and then a few special characters. Usually it’s less than 128 different characters.
In reality, there are thousands and thousands of different characters. Especially when you start including languages that don’t even use the same alphabet we use. Ultimately, computers are capable of representing these. Many programs are capable of using different characters from different languages that require these kinds of obscure keystrokes, or even different keyboards.
Computer character sets
And by the way it’s not a “Word thing” it’s a Windows thing. It’s a computer thing. This isn’t restricted to Word at all.
What it really boils down to is; what software actually supports these large character sets? Word happens to be one of them.
Can you use them in passwords?
The same issue applies to the places you might need to use a password.
You will find, I think, that most online resources want your password to be letters, numbers and a few special characters. Anything outside of that range, they’re just not going to accept.
Yes, it might make for a stronger password but the fact is that most of the internet is based on those 26 letters, ten numbers, upper and lowercase and a few special characters and that’s it; that’s all they’ll support.
Make a stronger password
As it turns out, there’s a better way to make your password stronger.
That is to not use different characters, but to use more of the characters you already have available to you. By that I mean, simply, that a longer password is almost always better than a more complex password. With “enough” being longer enough.
I’ve got an article that compares the two; compares what it means to have a longer password.
I strongly recommend that. Instead of investigating these alternative characters, you simply make your password longer.
Support for exotic characters
Now, if you are in a circumstance where you know the software that is using these passwords does support these bizarre characters from different character sets – then by all means go ahead and use them. They’ll make things more secure if you can remember them, and if you can remember to type them.
Also, you will always need to be at a computer that knows how to enter those characters. That’s another thing too. If you ever try to access one of these things via say, a smartphone or a tablet or something like that, you may not have the ability to type the characters that you were able to type on your PC.
But assuming that everything is correct and it supports these characters then sure; it adds more characters to the mix and it’s unlikely to be a character that hacker is going to try in a brute force attack.
Ultimately I think, for most people, in almost every case, it’s much better to simply make a longer password with more characters than it is to try and get fancy with these kinds of techniques.
(Transcript lightly edited for readability.)