Staying SAFU: 5 rules for strong passwords
Disclaimer: The following article is part of Cryptonews Deals Series and was written as a promotional article in collaboration with the sponsor of this offer. If your company has an exclusive promotion that you would like to share with our readers, we invite you to reach out to us. Let’s build together.
“Crypto” comes from the word “cryptography,” and anything touched by encryption must be safe by default. Right?
Wrong. Cryptocurrency may be unbreakable, but crypto wallets don’t enjoy the same luxury. Whether you keep your coins on an exchange or in a non-custodial wallet, you’re relying on mundane security measures to keep your assets safe. If they’re not up to snuff, your journey to the moon only has one end — not your keys, not your coins.
Your crypto wallet’s security starts with a strong password. In this article, we’ll teach you how to create a strong password for your coins by following six simple rules.
1. Never reuse passwords
Every website wants you to make an account, and every account needs a password. Pretty soon, the amount of credentials becomes overwhelming, and you might be tempted to downsize a bit. Why not simply create a single super strong password for all your accounts?
Resist the temptation. If you reuse passwords, you’re putting all your eggs in one basket. A single data leak from a vulnerable website can put your entire digital kingdom in jeopardy. Once hackers have their hands on a set of credentials, they’ll run the username/password combo through email services, social media, and — you guessed it — crypto wallets.
And do you really want to risk thousands of dollars in crypto for easier access to Facebook?
2. Simple is bad
So if every account must have a unique password, why not keep things simple? It’s much easier to remember multiple passwords if they’re composed of common words, use popular phrases, or reference anything personal.
Trouble is, if your password is easy to remember, there’s a good chance it’s also easy to guess. The first thing hackers will try on your crypto wallet is a dictionary attack — they’ll get a supercomputer to throw popular names, words, and phrases at the account by the thousand to see if anything sticks. Faced with this onslaught, a simple password will fold in milliseconds.
The same goes for personal information. Don’t make passwords out of pet names, important dates, or in-jokes — this information is not as private as you think. To crack open your crypto wallet, hackers will thoroughly investigate your social media profiles, forum posts, and even government registries for hints.
To protect your crypto assets, take a page from cryptography. Just like encrypted data, the best passwords look like complete gibberish created by rolling your face on the keyboard. Create your password out of random characters for the best results.
3. Special is good
Alright, so it has to be unique and random. But can we at least keep to the bottom half of the keyboard? Surely that’s enough randomness to foil any hacking attempt.
Oh, sweet summer child. Your crypto is a juicy prize, so if the dictionary attack fails, hackers will move on to the next phase — simple, raw brute force. They will pry your crypto wallet open one symbol at a time.
Let’s put things into perspective. An eight character password only composed of lowercase letters has almost 209 billion combinations. That’s more possible passwords than a human being would be able to guess in a lifetime — but a computer running optimized brute force algorithms would be able to crack it in less than a second.
By adding more character possibilities to the mix, you increase the time it takes to brute force your crypto wallet exponentially. With uppercase letters, numbers, and special symbols, the same eight character password goes from folding in milliseconds to holding out for hours against sustained assault.
4. The more, the merrier
Just like the average Reddit post, your password is now full of random capitalization, misplaced symbols, and unsubstantiated numbers. But unless you want the difference between “funds are SAFU” and “SFYL” to be one all-nighter, you need to think bigger.
Specifically, you need a bigger password.
It all comes down to the number of possible combinations. In our previous example, the eight character password with lowercase and uppercase letters, numbers, and special symbols would last about eight hours against a high-power offline cracking computer. But add just one more character, and the time until your crypto wallet is compromised jumps to three weeks.
Really strong passwords consist of at least twelve characters — with this many possible combinations, even supercomputers would need an average of 34,000 years to penetrate your account. And by that time, your coins will have safely shot to the moon.
5. Just use a password manager
At this point, you might be wondering how to keep this random mishmash in your head, much less use daily to check on your funds. That’s the best part — you don’t need to.
There’s a much easier way to get strong passwords for any account, including your crypto wallet.
NordPass is a free password manager from Nord Security, the creators of NordVPN. The free app lets you generate, save, and automatically fill in strong passwords on the fly, keep sensitive notes, and store credit card details. All your credentials will be safely stored in your private NordPass vault, protected by unbreakable xChaCha20 encryption.
And best of all? As a crypto enthusiast, you’ll love the fact that NordPass runs on zero-knowledge architecture — in other words, not even NordPass technicians know what you keep in your vault. No peeking!