Using a strong password is always recommended as a good security measure to keep your personal information safe, but just what makes a strong password?
There are many factors at play, but it all comes down to something called password entropy. This is the technical term used to predict the complex nature of a password and determine how hard a password would be to crack.
If an attacker guesses your password, they could do things like set bad links from your site to try to increase their ranking, send spam from your domain, and even just simply delete all of your files.
In this guide I'll cover how passwords are compromised, what you can do to protect against password attacks, why using length and multiple character sets is best, and finally how you can generate a strong password with cPanel or even come up with your own strong password.
How are passwords compromised?
The most common ways that a password would be cracked would be these types of attacks:
Brute Force Attacks are accomplished by sheer brute force, with the attacker using a script to continually try to login to your account, trying all sorts of characters in different combinations till they break in.
Dictionary Attacks are similiar in nature to brute force attacks, the main difference is that the attacker uses a dictionary of words rather than a set of characters to try to break into your account again and again.
How to protect your password against attacks
To protect your password, ensure it doesn't have characteristics that make it easier for attackers to break. Don't use common words in the dictionary, easily repeated keystrokes like 123456 or qwerty, and try to use a mix of different character sets.
The longer and more complex you make your password, the better chance you'll have of never having to reset it. With how often there are large attacks against accounts these days, it's typically better to be safe than sorry.
Create strong passwords with length and character sets
When it comes to making a strong password, the longer the better, and using multiple character sets is best.
There are 94 characters used between lowercase, uppercase, 32 special characters, and 10 numbers.
If you create a simple password only using 5 characters from the 26 lowercase letters character set.
The math behind that is simply 26 * 26 * 26 * 26 * 26 or 26^5 giving you 11.8 Million possible passwords.
Add one extra character and 26 * 26 * 26 * 26 * 26 * 26 or 26^6 gives you 309 million possible passwords!
Password character sets
If we took our same 5 character password, and just added in uppercase letters as another character set.
We would now be multiplying by 26 lowercase + 26 upper case letters and have a possible 52 characters.
The math for that would be 52 * 52 * 52 * 52 * 52 or 52^5 giving you 380 Million possible passwords.
Adding special characters into the mix, and also numbers, then you have 94 characters.
So even with just 5 characters 94 * 94 * 94 * 94 * 94 or 94^5 gives you 7 Billion 339 Million passwords!
Generate strong passwords with cPanel
If you'd like to quickly generate a strong password in cPanel, you can easily do so following these steps:
- Login to cPanel
- Under the Administration & Help section, click on Change Password
- Click on Password Generator.
- Now highlight the generated password and hit Ctrl-C to copy it.
Come up with your own strong password
One common tactic for coming up with your own strong password is developing a long phrase that you'll never forget, and then use character substitutions to add extra complexity to it.
A good example of this would be I want to remember this password forever and ever.
Now after you have your phrase memorized, you can add in some character substitutions.
||Unique character substitutions
||What I did
||Keep the capital I
||keep the lowercase w
||alternate back to capital T
||keep the lowercase r
||alternate back to capital T
||keep the lowercase p
||replace for with 4, replace e with # and keep ver
||use a symbol replacement of &
||alternate back to capital E
You would now have a password that is 12 characters long, and uses a 94 place character set.
It looks really complex and hard to remember, but if you just remember the unique phrase you used to create it and the character substitutions you made, after awhile it will become second nature to enter it in.
Now an attacker would have to face 94 * 94 * 94 * 94 * 94 * 94 * 94 * 94 * 94 * 94 * 94 * 94 or 94^12.
That's an incredible 475 Sextillion, or 24 decimal digits worth of password combos they'd have to try.
You should now understand why you might want to use a strong password to protect any of your online accounts, and how to either generate or come up with one of your own.