Passwords

Many users choose short and simple passwords. Being easy to remember also makes them easy to crack by guessing alone.

The strength of a password increases with its length. Adding just a few more characters to a password can increase the time to crack it by years.

One way to generate a strong password is to string together some meaningful words into a passphrase, then add complexity with special characters and numbers. A strong password should contain all of these elements: uppercase letters, lowercase letters, numbers, and symbols such as !, @, #, $.

In an online dictionary attack, a program tries to log in to a website using a dictionary file containing a list of common passwords (passwords leaked from other websites, or a vocabulary list with words in different languages). The website can prevent this by limiting the number of login attempts or by using a CAPTCHA on the login form.

Cryptography is used to make passwords harder to crack. Before a password is stored, it must be encrypted. It can then be decrypted only by those who have the key.

An offline dictionary attack occurs when a program is used to decrypt an encrypted password. This way the hacker can decrypt it in the comfort of his hideout.

A website can protect its passwords by encrypting the stored passwords, limiting unsuccessful login attempts, and requiring users to change passwords often.