Information Security

Cracking this Passphrase Could Take an Eternity

A 15-character passphrase containing special symbols, upper and lowercase letters, and numbers may seem like passphrase overkill. However, with supercomputers that can guess millions of passwords a minute, passphrase policies like those in Handbook AS-805, Information Security, are necessary (see about.usps.com/handbooks/as805/as805c9_019.htm).

Brute force password attacks use the same methodology and repetition as using all the keys on a keyring to open a lock. An attacking computer systematically inputs every possible combination of uppercase and lowercase letters, numbers, and symbols to crack a password.

According to the password strength meter at security.org/how-secure-is-my-password, hackers can crack the password “becybersafe” in roughly one day. If you make this phrase compliant with USPS® policy — such as “B3_Cyb3rS*f3_w0^k”— the passphrase will take 93 trillion years to crack.

Creating a memorable, policy-compliant, and hack-proof passphrase won’t seem like a daunting task if you follow these stress-free steps:

n Select an easy phrase to remember. (Be CyberSafe)

n Change specific letters into special characters or numbers to increase security and originality.
(B
3_Cyb3rS*f3)

n Add a unique identifier to further differentiate your passwords across your other accounts.
(B3_Cyb3rS*f3_
w0^k)

For more information about creating a hack-proof passphrase, visit the Cybersafe at USPS® pages on Blue (blue.usps.gov/cyber) and LiteBlue (liteblue.usps.gov/cyber).