Seems like every day there is someone new reminding us that we need strong passwords. You need to mix things up: lower case, upper case, special characters. Above all, the longer the password the better. The problem is, these strong passwords we have created in the past are not mobile friendly. Can we change that and still have passwords that are secure?
Let’s take a look at a nice long random 25-character password I made up for this example:
We’ll feed that into Steve Gibson’s Password Haystacks checker to see how hard it would be to crack. The result: even at a trillion guesses per second, it would take 89.14 trillion trillion centuries to crack.
25 random characters? Good luck remembering that. Sure, you could use a password manager such as LastPass to save it, but what if you want that to be your LastPass master password? You can’t very well hide it inside the very thing you need it to open. Then add the complexity of typing it on a mobile screen such as an iPhone or Android device and it gets even worse. Look at it closely and think about how you would type this on a mobile screen: 3 key presses on the first mobile screen for vll, then switch to the second screen for &, then back to the first, etc. We’ve all been there.
Mobile computing is an increasing part of our lives and we should take that into consideration when we create our passwords. If we get frustrated, we’ll end up creating shorter, less secure passwords, and that could leave our precious information vulnerable. Instead, what if we took those very same letters, case, numbers and symbols, put them into a more human-friendly format, and changed our password to be like this:
Close examination will reveal that we start with a phrase we can remember in lower and upper case. On mobile, this keeps us on the first keyboard screen. Then we switch to the second mobile screen for some numbers and symbols. The numbers could be a pattern or something unique that you can remember. Same thing with the symbols. The point is, you have 3 things to remember: a phrase, some numbers and a pattern of symbols. It is still long, but you have a better chance of remembering it that way and a higher probability of entering it correctly in one go on your mobile.
How does our new mobile-friendly, more human-memorable password stack up in Password Haystacks? That’s the beauty of it. It would still take the same 89.14 trillion trillion centuries to crack!
It should be noted as well that there is a set of symbols that iOS puts on the third screen because there isn’t as much room. They are #%*+<>=_. To minimize your screen switching, you could avoid using those in your passwords if you do a lot of switching between device types. Also, some people may not like the idea of using real words as part of their password. I’d argue that length is what is critical here, but I can see that point too. If that is you, simply figure out a pattern of letters and use it instead of that phrase, but keep it mobile friendly by keeping to the first screen.
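To make the comparison above concrete, here is an added example (not code from the original post or from the Password Haystacks site) that computes the brute-force search space for two arrangements of the same 25 characters and counts the keyboard screen switches each one needs. The two passwords are constructed for illustration, and the model assumes the checker counts every password up to the given length over the character classes present (26 + 26 + 10 + 33) and that the keyboard has letters on screen 1, digits and common symbols on screen 2, and the iOS symbols listed above on screen 3.

```python
import string

# Constructed sample passwords (not the ones from the original post): the same
# 25 characters, once scattered and once grouped as phrase + numbers + symbols.
SCRAMBLED = "k!Dy2oSe?gL4uisB!ck6eMols"
FRIENDLY = "MyDogLikesBlueSocks246!?!"

# Symbols the post says iOS places on its third keyboard screen.
IOS_THIRD_SCREEN = set("#%*+<>=_")

# Assumed character classes: 26 lower, 26 upper, 10 digits, 33 symbols (incl. space).
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")


def alphabet_size(password):
    """Add up the size of every character class that appears in the password."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))


def search_space(password):
    """Count all passwords of length 1..len(password) over that alphabet."""
    n = alphabet_size(password)
    return sum(n ** length for length in range(1, len(password) + 1))


def screen_of(ch):
    """Simplified keyboard model: 1 = letters, 2 = digits/symbols, 3 = extra symbols."""
    if ch.isalpha():
        return 1
    return 3 if ch in IOS_THIRD_SCREEN else 2


def screen_switches(password):
    """Count how often the keyboard screen changes while typing, starting on letters."""
    switches, current = 0, 1
    for ch in password:
        if screen_of(ch) != current:
            switches += 1
            current = screen_of(ch)
    return switches


if __name__ == "__main__":
    for pw in (SCRAMBLED, FRIENDLY):
        print(f"{pw}  space={search_space(pw):.3e}  switches={screen_switches(pw)}")
```

Both arrangements give the same search space because the count depends only on length and which character classes appear, while the grouped form needs far fewer screen switches. The count describes exhaustive search only and says nothing about guessing strategies that try common phrases first, which is the concern the pattern-of-letters alternative above addresses.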
Now, go change your password and make it strong. Test it with the Password Haystacks checker and make it mobile friendly!