contact us

Mots de Passes, the guide to creating strong passwords in 2024

In this article

In today's digital world, where every click and tap on the keyboard can represent a potential security breach, protecting our sensitive information is an absolute priority. At the heart of this defense lies an often overlooked but nonetheless crucial element: the password. But the simple composition of characters is no longer enough to guarantee optimal security. To understand in depth how our passwords become the inviolable guardians of our data, we need to delve into the complex and fascinating world of hashing.

The Cryptographic Puzzle: Hash Mechanisms Explained

Hashing is the cryptographic algorithm that transforms a password into a seemingly incomprehensible random string of characters. This transformation is a one-way process: once a password has been hashed, it is virtually impossible to go back and decrypt it to find the original password. It is this property that gives hashing its magical power in the field of computer security. Three cryptographic mechanisms in particular stand out:

  • Symmetric cryptography : This mechanism uses a single key to encrypt and decrypt data. Symmetrical algorithms, such as the Advanced Encryption Standard (AES), encrypt data in blocks, providing a reliable method for securing sensitive communications and data.
  • Asymmetric cryptography : Also known as public-key cryptography, this method uses a distinct pair of keys: a public key for encryption and a corresponding private key for decryption. Asymmetric algorithms, such as Rivest-Shamir-Adleman (RSA), are used to exchange secure session keys and digitally sign documents, ensuring data authenticity.
  • Cryptographic hashing : Cryptographic hash functions transform variable-size data into a fixed-size digital hash. These fingerprints, created by algorithms such as the Secure Hash Algorithm (SHA-256), are used to verify data integrity and secure passwords.

How Hashage works

Hashing relies on sophisticated cryptographic functions. These algorithms take a password as input and generate a hashed string as output, often represented as a long sequence of letters and numbers. Each slight modification of the original password results in the creation of a completely different hash, making it virtually impossible to reverse-engineer the original password from the hash.

Enhanced safety with Salt

To increase password security, developers frequently use "salt". This involves adding a unique random string to the password before hashing. So, even if two users opt for the same password, their hashes will differ due to the use of distinct salts. Even if an attacker manages to obtain the hashes of several users, it will be impossible to exploit them to guess the passwords of other accounts.

Challenges to overcome

Here are some tips for creating strong passwords:

  1. Length : Opt for long passwords. The longer the password, the harder it is to guess or brute-force. Ideally, aim for a length of at least 12 characters.
  2. Complexity : Use a combination of upper and lower case letters, numbers and special characters. Avoid words or number sequences that are easy to guess.
  3. Variety : Avoid using the same password for several accounts. Each account must have a unique password to limit risks in the event of compromise.
  4. Avoid personal information: Avoid including personal information such as your name, date of birth or words commonly associated with you in your passwords.
  5. Use of Phrases : Consider using sentences rather than just words. Phrases are generally easier to remember and can be harder to guess or break.
  6. Avoid Dictionary Words: Avoid using dictionary words as passwords. Attackers often use lists of common words in their brute-force attacks. 
  7. Random Passwords : Consider using random password generators to create unique, strong passwords. These tools can generate random combinations of characters that are difficult to guess.

Examples of strong passwords and creation methods

Creating a strong password is essential to ensure the security of your online accounts. Here are a few examples of strong passwords, along with methods for creating them:

Example 1: "Gr4nd3F0r3t!23".

  • This password combines uppercase and lowercase letters, numbers and special characters.
  • To create it, you can start by choosing a meaningful phrase or word, then transforming it into a memorable but hard-to-guess version. For example, "Grande Forêt" becomes "Gr4nd3F0r3t!" by replacing certain characters with numbers and adding a special character.

Example 2: "P@ssw0rd$ecure567".

  • This password also uses a combination of letters, numbers and special characters, and is of sufficient length.
  • To create it, you can choose a meaningful word or phrase, then add special characters and numbers to make it more complex. For example, "PasswordSecure" becomes "P@ssw0rd$ecure567".

Example 3: "Tr1c0l0r3!Blue".

  • This password uses variations of letters and characters to increase complexity.
  • To create it, you can use meaningful words or phrases, then strategically add special characters and numbers. For example, "Tricolor Blue" becomes "Tr1c0l0r3!Blue".

Examples of strong passwords and creation methods

Methods for Creating Strong Passwords :

  • Use secret phrases: Start with a meaningful phrase and turn it into a combination of letters, numbers and special characters.
  • Mix the characters: Alternate upper and lower case, and add numbers and special characters to increase complexity.
  • Avoid personal information: Avoid including personal information such as your name, date of birth or words commonly associated with you.
  • Use a password generator : Online password generators can create random, strong passwords for you. Just make sure you use them from reliable, secure sources.

By following these tips and choosing strong passwords, you can strengthen the security of your online accounts and protect your sensitive information from cyberthreats.

Password Manager, between sovereignty and practicality

Password managers are essential tools in the secure management of our online credentials. By storing our passwords securely and encrypted, they enable us to generate, store and manage unique and complex passwords for each account, without the need to memorize them all. But why should we prefer French password management solutions for reasons of sovereignty?

By choosing French, or at least European, password managers, we are helping to strengthen our country's digital sovereignty. Opting for national solutions guarantees that our sensitive data is stored and processed in infrastructures subject to French laws and regulations on data protection and confidentiality. It is therefore impossible for anyone to access these saved passwords if the solution is French. On the other hand, if it comes from an American solution (Google, Microsoft, Apple), for example, the US government can access this information if it wishes.

We therefore encourage you to use French solutions, such as the one developed by MailInBlackSikker.

In this article

10 simple tips for spotting e-mail attacks (phishing and ransomware)

The most common cyberattack scenarios for SMEs

Understanding EDR, SIEM, SOAR and XDR: the complementary nature of cyber defense

Cyber news

Antivirus vs. EDR: why companies need a paradigm shift?

Security Policy Development

Every Cyber Security articles

Phishia protects your business against cyberattacks.

Our Cyber Securities services

Paris - Nantes

contact@phishia.fr

+33 6 85 25 99 28

Monday – Friday: 8:00 AM – 8:00 PM.

Cybersecurity

Artificial Intelligence

CSR

Terms of use

Privacy policy

I have a project
en_US
fr_FR de_DE it_IT en_US

Cybersecurity

PhishiaSOC

Crisis management

Prevention

Outsourced CISO

AI

ISO 42001 & SMIA support

CSR

Carbon Footprint Assessment and Climate Strategies

Life Cycle Analysis and Eco-design

Support for CSRD compliance

Sustainable cybersecurity

Managed SOC

Who we are

Join us

All articles

Cybersecurity blog

Blog IA

Sustainability blog

Contact us