ATLAS Password

Be more secure with an ATLAS password. Learn how an ATLAS password is constructed below:

The security of your website is as good as the security of your password. How good is your password? The ATLAS password offers you the choice of having the best possible security.

How good is your password?

Many webmasters use simple 8, 6 or even 4 character passwords. Even worse, often these are taken from known words or variations of words, which further reduces the password strength.

Number of characters

Better passwords contain more characters. Typical password cracking algorithms rely on brute force to break the password. In brute force attacks one high end cpu ( or multiple slaved together to work as one ) try every known combination of characters in your password. Your password is found by eliminating every known combination it could have.

The Pool

Not all passwords are created equal. If you only use lowercase letters your password will be relatively easy to break, even if you use many characters. This is because the number of possible variations of all the characters is small.

You can obtain significantly better protection by widening the pool of characters used. In addition to lowercase letters you may use:

Strength multipliers

• UPPERCASE letters
• numbers
• special characters

When you introduce these into your password they act as a strength multiplier. The ATLAS password offers you the choice of using ALL of these multipliers. You SHOULD use all of the strength multipliers to obtain your best security. Here are the exact multipliers used in ATLAS:

character pool	strength multiplier
lowercase letters	26
UPPERCASE letters	26
numbers	10
special characters*	13
Total	75

Base

The ATLAS password maker displays a number called "base". The base is the product of number of password characters multiplied by your strength multiplier. Here is the formula:

base = (# of characters ) x ( strength multiplier )

It quickly becomes clear that using more characters and all of the strength multipliers yields a larger base. Larger bases are more effective.

Strength = exp( $base )

The base is used in calculating the final strength. The number of possible combinations of your password is determined by the exponential value of your base. Here is the PHP formula:

$password_strength = exp( $base );

As you might guess, using an exponential function to calculate your password strength can yield an extremely large number. A large number is a good thing. Larger numbers lengthen the time it takes to crack your password.

Infinity

Using a higher base value (by using a high number of characters and widening your pool) can exceed the capacity of the processor to calculate your strength. In these cases PHP silently assumes infinity has been reached. When ATLAS finds that your base results in an infinite strength ATLAS displays:

"Exceeds cpu"

If you see this displayed with your password then you are likely to have a strong base and comfortable security.

Time to crack: 3.9 BILLION years

The time to crack a password varies with the processing power of the cpu/s employed, and of course with the strength of the password. Using a high end PC platform to crack a 20 character ATLAS password is roughly calculated to take one processor 7.8 billion years. On average it may only take half that amount of time to find the password, because not all combinations need to be tried before your password is found. Therefore, the time to crack a 20 character ATLAS password is half that, or roughly 3.9 BILLION years.

Summary

The security of your website is as good as the security of your password. You may increase your password security by using more characters and by using ALL strength multipliers. Using a 20 character ATLAS password along with a full strength multiplier will improve your security. Try the ATLAS password maker, bookmark it, and use it often for iron-clad security.

Esteban Escobar is an internet security expert with 15+ years experience.