I\'ve heard many suggestions as to what makes a good password (hard to guess, no

Question

I've heard many suggestions as to what makes a good password (hard to guess, not a dictionary word or permutation thereof, at least a certain length, etc.) so that it cannot be cracked in a realistic amount of time. However, from what I understand, password cracking techniques and software will try to use Latin characters, digits, and special characters that you would typically find on a US keyboard. Therefore, would it be a good idea to include some non-Latin characters in a password?

For example, "passw??rd".

Explanation / Answer

Yes, it would be a great idea to use those characters.

passw??rd would probably not be the best example as it is simply two characters away from password, but it would certainly be more secure than password11, p4ssw0rd, or similar permutations.

Since these letters are not as convenient on average keyboards, most users will probably not use these characters as it requires extra effort during the login process. Hackers know this and will most likely not try these characters as often. That does not mean that using these characters is some key that will protect you from brute-forcing, but it would be significantly better protection. The number of possible characters greatly increases when using such unicode characters, increasing the time for a potential brute-force attack. Because of this, hackers will most likely decide to target the "low hanging fruit," being people who use a smaller character set that allows for less possibilities.

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.