Computer security specialists are constantly looking for new ways to protect passwords so that we can be sure about our accounts on various sites
At the University of Cambridge in the spring of this year, account passwords were examined for their reliability - Ross Anderson, an expert at the computer laboratory of this university, writes about this in his book "Security Engineering". Experts conducted research on three types of passwords:
- invented by users;
- generated randomly;
- based on phrases.
Scientists decided to test how secure this or that type of password is. For the experiment, they invited 300 volunteer students, who were divided into three groups, 100 people each:
- "Yellow" - they had to come up with a password that would consist of their first letters of famous sayings or phrases, punctuation marks could also be included;
- "Red" - they had to independently come up with passwords of at least 8 characters (with the condition that one of the characters is not a letter);
- "Greens" - this group did nothing, each person just received a randomly generated password.
Participants in all three groups wrote down their passwords, learned them by heart, and destroyed them.
The purpose of the experiment was to find out how accurately users remember their passwords, and how quickly they can be cracked (guess). Then security experts got down to work and tried to guess what passwords the team members had set. Scientists have successfully cracked 30% of the passwords of participants from the "Red" group and 10% from the "Green" and "Yellow" groups.
This suggests that passwords from phrases and randomly generated passwords are relatively strong and secure. Moreover, the participants in the "green" and "red" groups remembered their passwords best of all, while the participants in the "yellow" group had difficulty remembering.
How passwords are composed from phrases? You can take any proverb or saying and make a password from the combined first two or three letters of any words, alternating them with numbers and punctuation marks.