A long password does not mean that it is secure.
It stands to reason that a password will be more secure the longer it is. But of course, we can use letters, numbers and other characters. think of one very long password that only has numbers. For example 382949284. Obviously it is safer than using another one that is simply 1234. Now, does it really protect us?
A password is not just putting numbers or letters. In fact, you should never use a password that has only numbers or only letters. Even a mixture of both would not be enough either if you want the maximum protection. Going back to length, now think of a password that is of type 2H$d-. That key has five characters. Is a password like 382741 more secure? It has six characters and we can believe so.
As you can see, it is more important how is the password itself than the length. Ideally, create a key that is a mix of letters (both upper and lower case), numbers, and other special symbols. This is what will provide an infinity of possible combinations and will make your password much more secure than using letters or numbers, however long it may be.
Phrases, a very common mistake
But if we talk about insecure long passwordsWithout a doubt, a very clear example is that of using phrases. For example the lyrics of a song, the name and surname of a person, a city of birth next to the name… Obviously, if for example you use a phrase that is familiar to you and you remember it well, it will be long. You can even write 15 or 20 letters without much trouble.
But of course, those types of passwords are not going to be secure. An attacker, through the brute force, you can easily break that key. It is not really strong, nor complex. You would not be protecting your account to the maximum and you would leave an open loophole for a cybercriminal, with the necessary knowledge, to enter. You must prevent them from stealing passwords in the browser.
So how does a password have to be to be secure? From RedesZone we recommend that you use a totally random key. Never put personal data or anything that can relate to you. Also, that password is important that you only use it on one site. Otherwise a domino effect could occur. Think, for example, if you use a password in an Internet forum and also on Facebook. That Internet forum, for whatever reason, has a key leak and an attacker can also access your social network.
On the other hand, that password that you are going to create must contain a mixture of numbers, letters and symbols such as “%”, “$”, “&” or any other. All this will contribute extra security and it will make it as robust as possible and prevent them from being exploited by brute force. You can use open source key managers to generate them.
And yes, the length is going to matter, but understanding it as we have explained it. Each additional letter, number, or symbol you put in will increase security exponentially. But do not trust only the length of the password, but everything that surrounds it. Remember that a very long passphrase is less secure than a five-digit password that has a mix of everything.
