Every minute of every day, hackers are probing, spear phishing, whale phishing, SMiShing, spoofing, and pharming for your email password. Let me tell you, if there’s no money in it, they don’t do it. Email is the gateway to almost every other account we might have. Isn’t it? Whether they actually use your email for your account (EBay, PayPal, Amazon) or your email is attached to your account (banks, stores, credit card accounts). What happens when you forget your email? How do you get it sent to you or even reset your password? They send it to your email address. Access to your email gives someone access to your life!
It’s critical to have a good password for your email account. It’s not JUST your emails anymore. Despite much of what you may have heard, complexity is not as important as length. The length of your password determines how much time is required to obtain it through brute force methods. This is the most viable way of getting your password other than you giving them your password through phishing/pharming/etc methods. It’s not really like you may see on TV where they just “get” your password through some “exploit”.
Brute force just means they just keep trying different combinations to try to guess it. They have a personal dictionary of common passwords they try first, but after that, they run through all the possible combinations. So, the longer the password, the greater the odds of them hitting it.
This means that:
JibS&3 is better than snowball
sunnydaysarelovely is better than JibS&3
snowBallhasfleas/4 is best of all
String two words or names that mean something to you into a phrase, add an uppercase letter somewhere, a special character (some places don’t allow special characters) and a number. Go at least 10 long but upwards of 14 is best.