How To Build A Better Password Without Losing Your Mind...
- Published in Security & Privacy
Even with all the high-tech marvels of the digital age, the primary mechanism for personal security online is still an old and rather low-tech one: the password. Unfortunately, passwords are one of our most vulnerable security tools. Spyware that searches for and steals passwords, programs that guess passwords by trying common words or phrases (in multiple languages!) and letter/number combinations, even your neighbor in the next cubicle or visitors to your home can take your password and make it their own.
The solution? "Strong" passwords.
What makes a strong password? Let's start by looking at what makes a weak one. Your passwords should never be based on any of the following:
- Real words in any dictionary. Password thieves employ software that zooms through all known words, in many languages, and even tries reverse spellings.
- Names of relatives, pets, or friends.
- Your e-mail address or any other personally identifying information such as your phone number or your address.
- Sequences of fewer than eight characters. The shorter the password, the shorter the time required for a password-cracking program to run through all possible character combinations.
- Identifiable sequences of letters or numbers: ABCDE or 12345, for example.
- Sequences consisting entirely of letters, letters of one case, or numbers.
In other words, "strong passwords" combine letters (both uppercase and lowercase) and numbers in a random sequence of at least eight characters. For example: Mn1gcHiaS7.
Swell, you say. How in the world do you remember that?
One frequently used technique is to create a mnemonic that triggers it for you. A mnemonic is a memory device that keys each element in your password to a word or number and collects the whole into an easy-to-remember sentence. The example above could be made into the following mnemonic: Mn1gcHiaS7 = My number 1 great cowboy Hat is a Size 7. You may find it easier to come up with a memorable sentence first and then craft the password from it. For instance, "Our 2nd child wants the 6th Harry Potter book" becomes O2cwt6HPb.
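The mnemonic technique and the weak-password list above, as an added example (not code from the original article): `from_mnemonic` builds the password from a sentence and `weaknesses` reports which of the listed problems apply. The function names, the four-character run threshold, and the small sample wordlist and personal details are assumptions constructed for illustration.

```python
import re

# Constructed sample data (assumption): a real check would load a full
# dictionary and the user's own names, e-mail address, phone number, etc.
SAMPLE_WORDS = {"password", "cowboy", "dragon", "monkey"}
SAMPLE_PERSONAL = {"rex", "alice", "5551234"}


def from_mnemonic(sentence):
    """Take each word's first letter (case kept), or its leading digits ('2nd' -> '2')."""
    parts = []
    for word in sentence.split():
        token = re.match(r"\W*(\d+|[A-Za-z])", word)
        if token:
            parts.append(token.group(1))
    return "".join(parts)


def has_run(pw, length=4):
    """True if pw contains an ascending or descending run such as ABCDE or 12345."""
    codes = [ord(c) for c in pw.lower()]
    for i in range(len(codes) - length + 1):
        steps = {codes[j + 1] - codes[j] for j in range(i, i + length - 1)}
        if pw[i:i + length].isalnum() and steps in ({1}, {-1}):
            return True
    return False


def weaknesses(pw, words=SAMPLE_WORDS, personal=SAMPLE_PERSONAL):
    """Return the reasons from the article's weak-password list that apply to pw."""
    low = pw.lower()
    found = []
    if low in words or low[::-1] in words:
        found.append("dictionary word (forward or reversed)")
    if any(p in low for p in personal):
        found.append("contains a name or personal detail")
    if len(pw) < 8:
        found.append("fewer than eight characters")
    if has_run(pw):
        found.append("identifiable sequence")
    if pw.isalpha() or pw.isdigit() or pw == pw.lower() or pw == pw.upper():
        found.append("only letters, one case, or only numbers")
    return found


if __name__ == "__main__":
    pw = from_mnemonic("Our 2nd child wants the 6th Harry Potter book")
    print(pw, weaknesses(pw))
```

An empty list means none of the listed weaknesses were found by these checks; it is not a measure of overall strength.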
Follow-up: Now that you know how to create strong passwords, here's how to keep them secure:
- Don't tell anyone your passwords.
- Don't write your passwords down anywhere. (You probably shouldn't write down your mnemonic, either.)
- Don't use the same password more than once.
- Every time you need a password, make up a new one. If that proves too difficult, you can consider recycling passwords, but go through at least three or four password-change cycles before re-using a password.
- Change your passwords frequently (at least every 3 months).
- Change your passwords immediately if you suspect a security breach.
There are great password management programs: our all-time favorite is 1Password by AgileBits, available for Mac, Windows and iOS devices.
Your homework: Add this to your reading list: