Creating a password that’s difficult for fraudsters to guess yet easy enough for you to remember is one tricky guessing game.
Just because we follow standard password suggestions (e.g, eight or more characters with at least one uppercase letter, one lowercase letter, a number and a symbol) doesn’t mean we’ve got a rock solid password either. Word is, a surprising number of passwords that follow these rules (e.g, P@$$w0rd1) are easily guessed by the bad guys. At the same time, most login systems won’t raise objections, since you followed standard password guidelines. Talk about a false sense of security.
True to form, the great minds at Microsoft not only sympathize with the challenge of creating safe passwords, but they’ve also created a tool that allows you to test password strength. On December 5, Microsoft launched a free online research tool, Telepathwords, to help you take the “guesswork” out of password creation.
How it works: Type a password into the blank field. After you enter the initial character Telepathwords will try to predict the next character. If you type one of the three characters predicted by Telepathwords, a red X will appear above it. If you pick a character not predicted by Telepathwords, you’ll see a green checkmark above it.
While not truly telepathic, of course, Telepathwords is awfully smart when it comes to the “science” of how users choose passwords.
- It’s well aware of all the usual substitutions, including swapping $ for an S.
- It looks for passwords made by moving a finger around the keyboard, regardless of direction.
- It’s based on an extensive list of known-popular passwords, as well as a dictionary of English words
- It has a list of common phrases obtained from Microsoft’s Bing search engine.
- It’s wise to all sorts of password tricks attackers are well aware of, such as putting an asterisk between the letters of a familiar word.
While Telepathwords doesn’t promise to help create passwords that can’t be cracked, it sure makes you think twice about just how predictable your passwords might be.