Many security practices still widely accepted today are things of the past. Many of them made sense at the time of short passwords and unrestricted access to workplaces, while some were learned from TV shows with “Russian hackers” breaking Pentagon. In this article we’ll sort it out.
While your password should be reasonably complex and reasonably secure, there are much more important qualities of a good password than just its length and entropy (“randomness”). If you use the same strong and complex password to protect several different accounts, don’t be surprised if multiple accounts of yours are hacked in quick succession. Don’t be obvious either; in How to Break 30 Per Cent of Passwords in Seconds and How to Break 70% of Passwords in Minutes we listed the commonly used attacks that can be and will be performed on your passwords.
A single strong password is not enough. All of your passwords must be unique and not following an obvious pattern. They must be reasonably strong (with emphasis on “reasonably”), and they shouldn’t be found in the Top-10,000 Passwords list.