The idea is not new. But the UK’s Cyber Security Agency again strongly recommends the three-word random rule for secure passwords. But it’s also not 100% certain.
In October 2016, the British cybersecurity authority NCSC (National Cyber Security Center) recommended the use of a combination of three randomly chosen words when it comes to recommending secure passwords. The National Center for Sports Security cited the words coffeetrainfish or walltinshirt as examples. The idea behind it: Passwords created in this way are easy to remember, are longer than some previously used ones – like the wife’s name – and are generally more difficult to decipher. Now, the National Center for Sports Security has definitively restarted the rule.
3 random words are more secure than complex passwords
Accordingly, passwords found in this way – such as chair coin sockets – can be more effective and therefore more secure against cybercriminal attacks than more complex passwords. after every thing, So the expertsThey were specifically targeting these passwords. For example, if you replace only the two s with the digits five in your password and add an o with a zero and an exclamation point, it must meet the requirements for creating passwords, for example for online accounts. Cybercriminals have been investigating this type of letter-number combination for a long time.
Implementing complexity requirements, such as the mandatory use of special characters and numbers, as opposed to their intended purpose, creates more predictable passwords, according to the authorities. On the other hand, passwords generated from three random words tend to be longer and harder to predict. In addition, combinations of characters that were more difficult to identify are used for algorithms used by cybercriminals, according to the NCSC.
Three random words that are easy to remember
However, experts point out that the three random word rule is not 100% safe. The big advantage is that it is easier for users to remember a password of three randomly selected passwords than an already complex password consisting of a large number of letters, numbers and special characters. In the end, it is of course the safest way to use a password manager, but its acceptance is still very low. If you look around at the lists of most used passwords – à la Password1234 – there might be something to the NCSC idea.