Search Ü

Looking for more something specific? Try the keyword search below (no query syntax or booleans allowed).


Most popular pages

Interesting places to visit

This form can be used to check the strength of a password and the time to attack (guess by brute force) the password. Choose "automatic" mode to have the form change the length of the password as you type, or choose "manual" to set a fixed length. Note that the password you enter must conform to the criteria you select. For example, if you choose "numbers only," entering a letter in the optional password field shall result in the form replacing that letter with a number.

Password (Optional):
Strength Scalar: Poor     Excellent

Length (n): Automatic From Password Manual
Secs between attacks (s):  
Unique chars (C):

Seconds:    Based on P = Cn/2

Tips on Making a "Good" Password
A good password is one that is as difficult as possible given the limitations of the characters you can use. The strength rating on this form is not an absolute measure, although given two passwords made using the guidelines below, the one with the higher strength percentage is almost certainly more difficult for an attacker to break.

Don't Use Information an Attacker May Know

Passwords that include personal information that an attacker may know are easier to crack. For Example, people often use the first word of a sentence, as in "I have two children, Devin, 6, and Ethan, 3" to form the password "IhtcD6E3." While this may look difficult to guess, and have a high strength rating, it is a common phrase using personal information, and thus too easy for an attacker to guess. Using your or a loved one's birthday for your PIN is another classic case of a bad password selection. If you need a sentence to remind you of your password, choose something more obscure like, "Bad weather adds 20 minutes to my commute" which makes "Bw+20mtmc."

Avoid Patterns

Patterns like "123" or "abc" in a password are often detectable by attackers. Try to avoid adding simple patterns or sequences to your passwords.

Avoid Special Characters

Although they make passwords difficult to guess and will give them a high strength rating on this form, some special keyboard characters will expose system vulnerabilities. For example, a percent sign (%) is a special character used when making database queries. If your password includes a percent sign, and the system uses your password in such a query, it may cause a naive system to inadvertently expose data to unauthorized users, or cause system vulnerabilities. Because you should never make assumptions about the system you are creating a password for, it is best to avoid the following characters:

! $ % & * ' " ; \

Examples of "safer" special characters include:

~ @ ^ ( ) - = +

Do Not Use Suggested Passwords

This form includes a utility to suggest a password based on the text you have entered or randomly. When using passwords suggested by any algorithm, including the one that this form uses, be aware that hackers may have access to the same algorithms, and so would be able to generate the same passwords. That makes using these passwords somewhat dangerous. These algorithms are only provided to suggest examples of passwords that are as strong as they can be given the criteria such as available characters and length.

Don't Be Afraid To Write It Down

Another problem with the seemingly random passwords suggested by computerized algorithms is that they are often too difficult for the user to remember. Users often take to writing down complex passwords, which is generally perceived as a major security weakness. However, if you treat your written passwords as if they were as valuable as the information you access with them, then you can use a more complex password without having to remember it. Remember to guard it well - I suggest keeping it separate from you wallet (which you may be asked to surrender if robbed) but always on your person. Writing a hint may also be better than the real password.

Making a good password isn't easy, but the extra steps above can help create a more secure password that is more difficult for hackers to guess.

Articles and Press

I have been fortunate enough to be allowed to contribute several technical articles to trade publications, as well to be interviewed by some of the most respected publications in the industry.

Some of my presentations and design work has gained the attention of the graphics art and design industry.