teach-ict.com logo

THE education site for computer science and ICT

Network protection

3. Passwords

A password, along with a user name is the most common way of protecting a network. To get access to the network, a user has to correctly enter both their user name and the password associated with it.

netwrok policy

However, the quality of a password matters a great deal.

The most basic way to guess a password is called the 'brute force' approach. This means a computer program is written to go through every possible combination of letters (and / or symbols) until the right one comes up.

For example, there are 26 letters in the English alphabet, so it would only take 26 guesses to find a 1 letter lower case password (obviously useless as a password!).

So to make a strong password, you want to increase the number of guesses a computer would have to make, by either making the password longer or by including non-alphabetic characters.

Simple password quality
Password Length Maximum combinations of letters Online attack
1000/sec
abcd 4 1/2 million < 10 minutes
abcde 5 10 million < 4 hours
abcdef 6 300 million < 4 days
abcdefg 7 10 billion up to 3 months
abcdefgh 8 Lots up to 7 years

The problem with long, random passwords it that people just cannot remember them.

One solution to this is to use a password manager.

This is a software application designed to handle your passwords by automatically creating long, random passwords for your favorite sites and password protected files. Then it inserts that password automatically when it encounters the site or file.