Minecraft Blogs

Creating Strong Passwords

  • 117
  • 19
  • 220
avatar PMC
Level 74 : Legendary Cake

Go here to reset your password

Recently, there has been an issue with passwords being compromised from third parties, and because many people use the same password for a multitude of services, their passwords on Planet Minecraft and other places was compromised as well. This danger to our member's accounts and their password security has resulted in the current need for a password reset on all members of the site. This tutorial is primarily designed to help you create a strong password that you can remember without the aid of software, though that will be included as well at the end.

First, before we work on making strong passwords, let's look at what makes a password strong. There are 3 things that make up strong passwords; length, complexity, and uniqueness. Lets take a look at these one at a time.

Length - Longer is better

Password length is very important. Most websites require that passwords be 8 characters or more now. One reason for that is because as computers get faster, it becomes easier to break people's passwords. Right now, it is possible to break every possible password of 8 characters or less on a Windows account in 6.5 hours. That may sound like a long time, but that would be like breaking the passwords of every Minecraft account that is 8 characters or less in 1 day. That is not just 6.5 hours to find each password, that time is finding all passwords that are 8 characters and having access to potentially millions of accounts. For this reason, having just a short 8 character password is not an option.

Complexity - The spice of life

The second property of a good password is complexity. Passwords are generally limited to the 95 printable characters on the keyboard, which is great, because that is a lot of options. Most people do not realize that there are actually 4 groups in that set of 95. You have 26 lower case letters (a-z), 26 uppercase letters (A-Z), 10 digits (0-9), and the remaining characters are the special characters and the space (!@#$%^&*-_=+`~<>?,./;':"[]{}|).
Most passwords suffer from the problem that characters from all 4 groups are not used in creating passwords. The password "password" for example, really only has 26 possible characters at each place, making it much easier to guess (there is lots of nasty maths involved in that which will not be shown here). Changing the password to include uppercase characters like "Password" is slightly more secure at 52 characters, and adding a number is even better at 62 with "Password1". The best passwords come from using all 4 groups to make a password that looks like gibberish, but is easy to remember, like "P4sSw0rd?!". Most people will be able to tell that it looks like the word 'password', but a computer will need to check all 95 characters at each place to get that password.

Uniqueness - You are unique

The last part in creating a strong password is uniqueness. The chances of creating a password that nobody has ever thought of are not generally good unless they are personal (include something about you in the password), but what is more important is that your passwords for 2 different services are not the same. What this means is that you will need to remember a large number of different passwords to different sites, which can be a pain, if you don't do it properly. Since we have covered what is needed for passwords, lets work on making one.

There are 2 different methods for making strong passwords that we will look at. The first will be creating a password that is very complex for security, and the second involves creating a very long password for security. Lets get to the password making.

Password of Infinite Complexity

To create a secure and unique password for every site that you will be able to remember, I will teach you the method that I use. First, you need to pick a word. This word should be a longer word (at least 8 characters, though more is better). For our example, we will use "minecraft" as our base word. "minecraft" is a terrible password because it is all lowercase, so lets make it stronger. For the next step, we are going to use awesome Haxor skillz to make the password look like gibberish to the computer while still being something that you can read.
First, let's add some capital letters to our password and change it. "mineCraFt" is a better password than before, but we need to change it even more.
The next step will be to replace some of the letters with numbers. The easiest way to do this is to pick numbers that look like the letter that they are replacing (0 for o, 3 for e, etc.). Our new password of "min3CraF7" looks much better, but we can do more.
Our last step for our base phrase is to add some special characters. This can be done similar to the numbers by picking things that look similar (replace o with (), i with ;, etc.), or not. We will do both and come up with a final starting chunk of "m!n3Cr@F7_".

Now that we have "m!n3Cr@Ft_", we can make this password unique (which is vital in case one of the accounts get's hacked). An easy way to make a password unique is to use something about the site that you are logging in to to remember the unique portion. For logging in to Planet Minecraft, we might use "PMC" to start with our unique bit, but use "FB" for FaceBook so that both passwords come out as "m!n3Cr@Ft_PMC" and "m!n3Cr@Ft_FB" respectively. It is even better if you make the password super long and use "m!n3Cr@Ft_Pl@||3tM(", which still looks like "Minecraft Planet MC".
Most people say that you should never write your password down, but for this it is only half true. The first part of your password ("m!n3Cr@Ft_") should be memorize and/or tattood directly on your brain. The rest of the password can be safely written down (for example just write planetminecraft.com -> Pl@||3tM(, facebook.com -> FB, etc.)

Long and Strong

Our second method for creating a strong password is to make it really long. While this may sound very difficult to remember, we are going to use a fun method to select random words. There is a password method called Diceware that uses rolling 5 dice to select words from a list. This list of words is publicly available, but that does not make the passwords weaker.
Essentially you will be making a 5 word (or longer) password that has 7776 possibly combinations for each word. This means that breaking your password, even if someone has the list, would take an insanely long time. To create a Diceware password, you will need at least 1 dice (5 is recommended for simplicity). Roll the dice until you have 25 numbers and write each number down as you roll.
When you have your list of numbers, group them into groups of 5 and then check the list given at world.std.com/~reinhold/beale.wordlist.asc for your number combination. This will give you 5 words to remember for your password. For example, if I rolled 51342, the word would be "rehab". Once I have picked my 5 words I can end up with something like "rehab m rein ascend mitts". While that looks like a terrible password, it takes 26+33 characters to break because of the lowercase letters and spaces. This means that there are 25 characters, each with 45 possible characters for a total of way too many possible passwords.
Remembering this type of password is a little different, and it may be harder to make it unique, so we will use the previous method of making the password unique by adding another word. If we add PMC to the end of that password for "rehab m rein ascend mitts PMC", it becomes even more secure. Remembering the 5 random words would probably be as difficult as remembering "m!n3Cr@Ft_", and so writing it down should follow the same rules, only write the unique portion of the password down.

Using Robots

Now that we have 2 shiny ways to make passwords that you can store in your brains, there is one last option for secure passwords. This option is getting robots to do it for you. What I mean by this is having software create and store passwords that are actual nonsense and mean nothing. These passwords are secure because they are meaningless, but they are not something that you will be able to remember and type. Creating strong passwords that you can remember is something that I consider more important, but using a piece of software like KeePass can help generate strong passwords if you are not worried about remembering them from one computer to another. There is proper information about those on their websites.

Remember, Long is strong, and Complex is best. Test the password that you come up with at http://www.passwordmeter.com/ and http://howsecureismypassword.net/ for a general look at how difficult it would be to crack without you telling someone what the password was.

If you have any questions, please ask your friendly SuperMods Zaralith the Destroyer or #BlameParil

Go here to reset your password

CreditZaralith, Paril

01/24/2015 5:34 am
Level 65 : High Grandmaster Programmer
My password is so dope, all I have to do is slide my finger on the keyboard from a to enter, and voila!
09/07/2014 10:13 am
Level 19 : Journeyman Pony
This post makes me sad for this reason: xkcd.com/936

You're teaching everyone completely wrong, because the computer doesn't know to just test for letters, or letters and numbers, or whatever it is you have in your pass.
06/24/2014 2:23 pm
Level 29 : Expert Architect
It says that My_Pa$$w0rd_1$_R3ally_G00d would take 88 nonillion years to crack.
02/16/2014 10:59 am
Level 32 : Artisan Geek
I think I got it...My new password is qwerty.
04/25/2014 5:34 pm
Level 53 : Grandmaster Meme
So happy with my new password, 1234! I'll always use "remember my password" from now on so i don't forget it!
12/31/2013 8:55 pm
Level 28 : Expert Mage
It would take 5 sextillion years to crack my password, and it only has letters :P
05/31/2014 4:49 pm
Level 43 : Master Dragon
If a hacker has access to the PMC database, he could read it. Cracked in a few minutes...
12/31/2013 8:59 pm
Level 28 : Expert Mage
Also copy and pasted one of my blogs an it said it would take infinite years :D
12/31/2013 6:20 pm
Level 19 : Journeyman Scribe
m1n3cr@f7_PMC would take around 6 million years I think it said.
06/20/2014 3:40 pm
Level 4 : Apprentice Explorer
26 million years.
11/22/2013 1:59 pm
Level 71 : Legendary Senpai
2 billion years :/
11/16/2013 2:01 pm
Level 1 : New Miner
It would take a pro hacker to take 100 years before he has my account
11/06/2013 9:15 pm
Level 1 : New Explorer
It would take 30 years to crack my code.
11/06/2013 4:31 pm
Level 21 : Expert Dragon
A kid will NEVER break my password.
11/06/2013 4:29 pm
Level 21 : Expert Dragon
My passwordwould take 3 years to break.
11/03/2013 9:40 am
Level 1 : New Explorer
My usual approach to passwords (i.e. I already knew it was crap) said it would take 39 days to crack. My updated approach would take 25,000 years to crack. Change is good lol.
11/01/2013 12:34 pm
Level 32 : Artisan Electrician
Why do we care how strong your password is???? ._.
12/31/2013 6:21 pm
Level 19 : Journeyman Scribe
Oh, you'll care when your banking account is hacked.
12/31/2013 6:36 pm
Level 32 : Artisan Electrician
No like, people are posting comments about how strong their password is, totally useless info.
12/31/2013 6:40 pm
Level 19 : Journeyman Scribe
Okay, I get it now.
10/02/2013 4:10 am
Level 4 : Apprentice Crafter
Ex Editor
"Make "incorrect" your password so when you forgot your password, the internet will tell you "Your password is incorrect"

Hahahha. Had anyone ever done this?
09/22/2013 3:05 pm
Level 32 : Artisan Electrician
My password would take 39 days xD
09/30/2013 6:26 am
Level 3 : Apprentice Explorer
How cute. Mine would take 4 years to crack.
06/21/2014 3:50 am
Level 4 : Apprentice Modder
Ha, cute. Mine would take 1 billion years to crack.
06/24/2014 2:26 pm
Level 29 : Expert Architect
How cute. Mine would take 802 vigintillion years to crack. Don't know exactly what that means, but it sure sounds like a lot.
09/30/2013 10:41 am
Level 32 : Artisan Electrician
There seems to have been a misunderstanding. I was emphasizing how weak mine is, and you're just rude.
09/11/2013 8:17 pm
Level 10 : Journeyman Explorer
it would take about 3 hours to find out my password
09/22/2013 3:05 pm
Level 32 : Artisan Electrician
That's really, really bad. :/
10/05/2013 3:09 pm
Level 20 : Expert Pony
Maggie Makes Skins
If you knew me personally, you could guess my password in 3 seconds flat xD
10/05/2013 3:50 pm
Level 32 : Artisan Electrician
Is it your second name?
10/05/2013 4:38 pm
Level 20 : Expert Pony
Maggie Makes Skins
No, it's the title of my favorite song which I'm not gonna say (;
09/11/2013 5:36 pm
Level 42 : Master Blockhead
For my passwords I open up notepad and bang on my keyboard randomly and BAM theres my new password then I copy and paste it and save it, anyone else do this ?
09/08/2013 3:56 pm
Level 1 : New Explorer
One thing that has worked for me is thinking of the title of a game, book, TV series, etc. that is long and then replacing all the vocals with numbers.

For example let's say I like the Hunger Games so my password could be something like

(Not my actual password BTW XD)
09/07/2013 3:44 am
Level 6 : Apprentice Miner
I think ''TheClockThatTicks'' is a pretty good password right? I use it for all my accounts and I never got hacked.

I was obviously joking, never tell your password to anyone.
09/06/2013 5:43 pm
Level 32 : Artisan Dragonborn
The reason why that site says so-so trillion years to crack is because it glitches out when you type a sentence as password
09/05/2013 10:15 pm
Level 40 : Master Droid
Some idiot was on a server saying: "Type 'pass=(your password)' and get diamonds. Luckily and hopefully nobody was dumb enough.
09/08/2013 3:17 pm
Level 48 : Master Cowboy
09/05/2013 1:10 pm
Level 36 : Artisan Enderdragon
This is a really good guide for people who have bad passwords or have been hacked.
09/05/2013 10:02 am
Level 25 : Expert Artist
in 2012, the 2 most common passwords were, password and 123456... people really?
09/05/2013 7:53 am
Level 13 : Journeyman Engineer
I Just Calculated My Password Cracker's Working Time To Crack My New Password:

It Said 99x99x99x99x99 Billion Years.

Im Like *MidFing* JOKE

But It Seriously Did It. XD

Thanks For The Blog Post!
08/13/2013 8:01 am
Level 43 : Master Pokemon
Jacob Rigoberto
What is the max charcher limit on PMC?
07/31/2013 8:13 pm
Level 5 : Apprentice Network
Alright no one could ever guess my password.... its bubble.... OH SH** damn! Gawd Im stupid
07/26/2013 12:04 pm
Level 1 : New Network
Lol it said "It would take a desktop PC about Infinity years to crack your password" Ohh yeah
07/10/2013 7:22 pm
Level 57 : Grandmaster Scapegoat
The best passwords are sentences.
Would anyone try to guess this as a password:
"I like to play the piano while eating hot dogs." Would they? It is extremely long and easy to memorize.
06/26/2013 5:39 pm
Level 25 : Expert Grump
Computers actually try long confusing passwords like Awz21@rPQrs.. A string of words like this: theyellowcanary is harder for a computer to crack (I mean this for computer hacking systems, not if a real person is trying out passwords (noob)) because they cannot tell there are words in there... I'm not saying long, weird ones with symbols, lower and upper case ones don't work, just that long, easy-to-remember but still complicated are good too!
05/30/2013 3:42 pm
Level 4 : Apprentice Network
05/27/2013 11:39 am
Level 4 : Apprentice Explorer
Actually, a long password is better than a short, complicated one...
Relevent KXCD:Ã http://xkcd.com/936/
05/14/2013 1:30 pm
Level 2 : Apprentice Miner
wtf is this for a fail hax language
05/11/2013 11:36 am
Level 36 : Artisan Modder
lol anyone else see anonymous?
06/01/2013 2:06 pm
Level 15 : Journeyman Dolphin
By Anonymous, you mean the mask which represents Guy Fawkes?
Planet Minecraft Logo


© 2010 - 2020