{"id":22,"date":"2012-03-17T14:33:46","date_gmt":"2012-03-17T14:33:46","guid":{"rendered":"http:\/\/andrewpleasants.co.uk\/?p=22"},"modified":"2012-03-17T14:36:13","modified_gmt":"2012-03-17T14:36:13","slug":"password-strength-myths","status":"publish","type":"post","link":"http:\/\/andrewpleasants.co.uk\/?p=22","title":{"rendered":"Password Strength Myths"},"content":{"rendered":"

It really surprises me just how many myths there are around concerning the “strength” of passwords, even more surprising is the source of some of these myths<\/strong>
\n<\/p>\n

\nIt seems as though people assume that a password containing letters, numbers and symbols that you must change every X<\/i> number of days is nice and secure, and in some cases it is, but it does cause some problems. The most obvious one is can you<\/strong> actually remember it? Chances are not many people can resulting in the user writing it down on a sticky note and attaching it to their monitor!\n<\/p>\n

\nThe image below (taken from 2toria.com<\/a>) is a good illustration of most of the password myths\n<\/p>\n

\"image\"<\/p>\n

\nAs you can see simple easy to remember words are much more effective than overly complex mumbo-jumbo. It’s not that your password actually contains numbers, symbols and letters that makes it hard to break, it’s the fact that it can<\/i> contain them – from here the strength of the password is governed by it’s length.\n<\/p>\n

\nAs for password expiry dates – well put it this way, if you discovered somebody’s password and had malicious intentions, would you wait to use it? Probably not – and Microsoft seem to agree!\n<\/p>\n

\nSo some tips on choosing “better” passwords:<\/p>\n