Researchers noted that if you want to create a strong password, you must have to consider adjectives and nouns in the password as they are difficult to crack as compared to verbs and pronouns. Due to less number of verbs and pronouns, they are easy to guess.
As for example, “Sheblindedmewithscience” is a weaker password than “threeblindmicerhyme.”
In this study, researchers developed a grammar-smart algorithm and worked on 1,434 passwords with the character length of 16. They were able to crack three times as many passwords as current state-of-the-art cracking tools. Moreover, their tool alone cracked 10% of the password data set.
“I’ve seen password policies that say, ‘Use five words,'” said report author Rao in a statement. “Well, if four of those words are pronouns, they don’t add much security.”
That finding came from a research paper written by Ashwini Rao, a Ph.D. student at Carnegie Mellon University, and two colleagues, titled “Effect of Grammar on Security of Long Passwords.” Rao will present the paper at next month’s Association for Computing Machinery‘s Conference on Data and Application Security and Privacy (CODASPY 2013) in San Antonio, Texas.
Noun refers to the word or group of words the name of a class of people, places, or things, or of a particular person, place, or thing as for example bottle, spider, Africa etc.
Adjective refers to the word qualifying noun as for example cheerful, bright etc.
Verb refers to the word indicating action or state as for example stop, stand etc.
Pronoun refers to the word replacing noun or noun phrase such as I, we , you etc.
Source: Scientific American, Information Week