Animated Overview: How to Make a Super-Secure Password Using Dice

mytubethumbplay
%3Ciframe%20allowfullscreen%3D%22%22%20mozallowfullscreen%3D%22true%22%20src%3D%22https%3A%2F%2Farchive.org%2Fembed%2Fhow-to-make-a-super-secure-password%3Fautoplay%3D1%22%20webkitallowfullscreen%3D%22true%22%20width%3D%22640%22%20height%3D%22360%22%20frameborder%3D%220%22%3E%3C%2Fiframe%3E
Privacy info. This embed will serve content from archive.org

Computer passwords have the power to unlock vast troves of information, but some passwords are so simple that it’s easy for thieves to guess them. A common best practice is to steer clear of using familiar passwords (like "iloveyou") and to add symbols or numbers to your passwords to make them harder to guess. However, attackers these days use computer programs to guess passwords—and those programs can guess millions of passwords every second. A password that such attackers cannot guess needs to be long and random. But long random passwords are notoriously hard for mere humans to memorize.

To invent a truly random password that you’ll actually be able to remember, try using Arnold G. Reinhold’s Diceware technique—a method of choosing a secure password using dice and a list of Diceware words.

The resulting password should be random enough to defend against an automatic password cracker (except those owned by large organizations with big budgets, like the NSA or other spy agencies). Always remember to keep your strong password a secret—and avoid reusing your passwords. Depending on how many random words you include in your password, you may be able to foil even the most advanced attackers. For example, five random words (64 bits) is believed to help protect against a criminal attacker while six random words (77 bits) is believed to help protect against most all but the most motivated state-level attackers (like the NSA).

This animated overview contains specifics instructions on how to use Diceware; to find out more about managing multiple passwords, check out these guides:

Last reviewed: 
2017-04-28
JavaScript license information