This talk was recently posted on TED and I felt it adds to my argument against homeopathy. Homeopathy, when tested, is only tested against placebos; it is never (from my research) tested against the current best treatment for whatever particular illness it claims to treat. I think this is another great argument against the stupidity that is homeopathy.
In my job I notice how hopeless people are at setting passwords. I find it bizarre how hard it can be to convince companies to set strong restrictions on passwords. Why do so many people think password security is trivial? I believe most people do put strong passwords on their bank accounts, so why not do it on everything for good practice?
The first thing you need for a good password is something that is easy to remember. Next, for strength, make sure it is long; length is definitely the most important part of password security. It may be a good idea to make it complex, as this can add to strength, but it is not as important. Complexity means using a variety of characters including uppercase, numbers and symbols. Taking into account the first two principles, you can see they are somewhat contradictory: something long is not going to be easy to remember. The best way, I believe, to work around this is to make it an interesting sentence, e.g. ‘mybumhurtswheniordertoomanyjalapenosonmysubway’ or ‘purplemonkeydishwasher’.
You may think this password should be easy to crack because it only uses lowercase letters, until you look at the number of variations. To calculate the number of variations of a password you use the formula aⁿ, where a is the number of possible characters and n is the length of the password. Considering the length of the first example password and that it only uses lowercase letters, this gives you 26⁴⁶, which means it has 1.226800676×10⁶⁵ possible variations. If you were to then add all the other characters, including uppercase letters, numbers and symbols, it would have 9.446824414×10⁹⁰ variations. That is a fuck-tonne of variations in both cases.
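The aⁿ calculation above as a small calculator, added here as an example and not part of the original post. The guess rate, the short complex password and the 10,000-word list are constructed assumptions; the word-list figure shows the caveat that aⁿ only describes an attacker guessing character by character, not one guessing whole words.

```python
import math
import string

# Character classes; together they form the 95 printable ASCII characters
CLASSES = {
    "lower": string.ascii_lowercase,        # 26
    "upper": string.ascii_uppercase,        # 26
    "digit": string.digits,                 # 10
    "symbol": string.punctuation + " ",     # 32 symbols + space
}

def alphabet_size(password):
    """a: size of the smallest pool covering every class the password uses."""
    return sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in password))

def keyspace(password, pool=None):
    """a^n as an exact integer; pass pool to force a larger alphabet."""
    a = pool if pool is not None else alphabet_size(password)
    return a ** len(password)

def bits(n):
    """Search-space size expressed in bits."""
    return math.log2(n)

def years_to_exhaust(n, guesses_per_second):
    """Worst-case time to try every candidate at an assumed guess rate."""
    return n / guesses_per_second / (365 * 24 * 3600)

def passphrase_keyspace(word_count, wordlist_size):
    """Candidates when whole words are guessed instead of characters."""
    return wordlist_size ** word_count

if __name__ == "__main__":
    RATE = 10**10  # assumption: 10 billion guesses per second, offline
    samples = ["mybumhurtswheniordertoomanyjalapenosonmysubway",
               "purplemonkeydishwasher",
               "Xk7#qP2!"]  # constructed: short but uses all four classes
    for pw in samples:
        n = keyspace(pw)
        print(f"{len(pw):>2} chars, pool {alphabet_size(pw):>2}: "
              f"{n:.4e} candidates, {bits(n):6.1f} bits, "
              f"{years_to_exhaust(n, RATE):.2e} years")
    # Same 46 characters if the attacker must assume the full 95-character pool
    print(f"{keyspace(samples[0], pool=95):.4e}")
    # Assumption: three words drawn from a 10,000-word list
    w = passphrase_keyspace(3, 10_000)
    print(f"3 words of 10,000: {w:.1e} candidates, {bits(w):.1f} bits")
```
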
Basically what I am saying is that it is most important to make your passwords decently long, though not as long as the first example, as that is extreme (imagine putting that password into your smartphone). It wouldn’t hurt to add a few numbers and letters in there, but it isn’t important with current computing power, although it may become a necessity in the future as technology advances.
This was inspired by the following xkcd comic.