Monday, 30 January 2012

How safe is your password?

Using an nVidia GeForce GT220 graphics card (which can be bought for just over £50.00, or £30.00 if you can buy in bulk) with the latest drivers on Windows 7, UKFast's security experts were able to crack a six character password in 12 seconds, a seven character password in less than five minutes, and an eight character password in four hours. Here is a link

OK, so cracking passwords is easy!

So what do you do? This picture shows you two different approaches. Thanks to XKCD for this one.


You can see that the more letters you add the better.

But the other thing that most people fall foul of is having the same password for everything. So if one site gets hacked, and you use the same email address and password for everything, you could now have lost everything.
Have I been hacked?
No
Could I be hacked?
YES, but I make it very hard.
What do I do?
I use a different email address and password for every website where I have to provide log-on information.

How do I do that?

The first part is my email address.

I own a domain and I have a "catch all" email address which means that I can have a different email address for every website that I use, and they all arrive in one inbox.

E.g.
tesco@mydomain.com --> I use this for Tesco
argos@mydomain.com --> This one for Argos
gooutdoors@mydomain.com --> and this one is from a camping suppliers.

That is the first part. This also means that I can catch websites 'selling' my email address to spammers. I have caught a few because of this. To do this you have to own a domain.

The second part is different passwords for different websites.
You would say that this sounds like a pain, and "How do I remember all the different passwords?".
Simple, I don't. This is a task for the computer!

For this I use the following.

Password Safe. This is a small program that allows you to manage your old passwords and to easily and quickly generate, store, organize, retrieve, and use complex new passwords, using password policies that you control. Once stored, your user names and passwords are just a few clicks away.

Now, because I want to access my passwords at home, at work, and on my phone, I have installed it into my Dropbox folder as though it were on a USB drive. This is not as complicated as it sounds.

Dropbox allows me access to all my files just about anywhere and on any device that I want. Any file I save to Dropbox also instantly saves to my computers, phones, and the Dropbox website.

I have a version of this running on my iPhone so I can get to all my passwords wherever I am.

Next question. How much does it cost?

Password Safe on a computer. Nothing, but they do ask for a donation.

Dropbox. Nothing for the basic account, that has 2Gb of space, and that is plenty.

I also have them as apps on my iPhone; you have to pay for those, but they cost less than £10.00 for both of them. Apps are also available for Android phones.

So the conclusion is that I have different very long passwords that I don't need to remember and different email addresses for each site.
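
The scheme described above, one alias per site on a catch-all domain plus a random password per site, sketched as an added example that is not part of the original post and is not how Password Safe itself works. The function names, the sender-domain heuristic and the sample messages are assumptions constructed for illustration; `mydomain.com` is the placeholder domain used earlier in the post.

```python
import secrets
import string
from email import message_from_string
from email.utils import parseaddr

CATCH_ALL_DOMAIN = "mydomain.com"  # placeholder domain from the post
ALPHABET = string.ascii_letters + string.digits + "!#$%&*+-=?_"

def new_login(site, length=20):
    """Return a unique (alias, password) pair for one website."""
    alias = f"{site.lower()}@{CATCH_ALL_DOMAIN}"
    # secrets uses the OS CSPRNG; the random module is not suitable here.
    password = "".join(secrets.choice(ALPHABET) for _ in range(length))
    return alias, password

def leaked_alias(raw_message):
    """Return the site tag if mail sent to a per-site alias came from an
    unrelated sender, otherwise None.

    Assumed heuristic: a site's own mail comes from a domain containing
    its tag. Sites that send through a third-party mailer will need an
    allow-list on top of this.
    """
    msg = message_from_string(raw_message)
    _, to_addr = parseaddr(msg["To"] or "")
    _, from_addr = parseaddr(msg["From"] or "")
    tag, _, domain = to_addr.lower().partition("@")
    if domain != CATCH_ALL_DOMAIN or not tag:
        return None  # not addressed to one of our aliases
    sender_domain = from_addr.lower().rpartition("@")[2]
    return None if tag in sender_domain else tag

# Constructed sample messages (not real mail).
SAMPLE_MAIL = [
    "From: offers@mail.tesco.example\nTo: tesco@mydomain.com\n"
    "Subject: Your order\n\nHello",
    "From: deals@cheap-pills.example\nTo: argos@mydomain.com\n"
    "Subject: Buy now\n\nHello",
]

if __name__ == "__main__":
    print(new_login("Tesco"))
    for raw in SAMPLE_MAIL:
        print(leaked_alias(raw))
```

A flagged tag tells you which site's copy of your address has ended up with another sender, and because that site also had its own password, nothing else needs changing.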

Whatever you do,

DO NOT USE THE SAME PASSWORD FOR ALL WEB SITES