Create a strong, memorable password in 6 steps
Create Strong Memorable Password
-
Think of a sentence that you can remember. This will be the basis of your strong password or pass phrase. Use a memorable sentence, such as “My son Aiden is three years old.”
-
Check if the computer or online system supports the pass phrase directly. If you can use a pass phrase (with spaces between characters) on your computer or online system, do so.
-
If the computer or online system does not support pass phrases, convert it to a password. Take the first letter of each word of the sentence that you’ve created to create a new, nonsensical word. Using the example above, you’d get: “msaityo”.
-
Add complexity by mixing uppercase and lowercase letters and numbers. It is valuable to use some letter swapping or misspellings as well. For instance, in the pass phrase above, consider misspelling Aiden’s name, or substituting the word “three” for the number 3.
-
There are many possible substitutions, and the longer the sentence, the more complex your password can be. Your pass phrase might become “My SoN Ayd3N is 3 yeeRs old.” If the computer or online system will not support a pass phrase, use the same technique on the shorter password. This might yield a password like “MsAy3yo”.
-
Finally, substitute some special characters. You can use symbols that look like letters, combine words (remove spaces) and other ways to make the password more complex. Using these tricks, we create a pass phrase of “MySoN 8N i$ 3 yeeR$ old” or a password (using the first letter of each word) “M$8ni3y0″.
Test your new password with Microsoft Password Checker. Password Checker is a non-recording feature on this Web site that helps determine your password’s strength as you type
Password strategies to avoid
-
Some common methods used to create passwords are easy to guess by criminals. To avoid weak, easy-to-guess passwords:
-
Avoid sequences or repeated characters. “12345678,” “222222,” “abcdefg,” or adjacent letters on your keyboard do not help make secure passwords.
-
Avoid using only look-alike substitutions of numbers or symbols. Criminals and other malicious users who know enough to try and crack your password will not be fooled by common look-alike replacements, such as to replace an ‘i’ with a ‘1′ or an ‘a’ with ‘@’ as in “M1cr0$0ft” or “P@ssw0rd”. But these substitutions can be effective when combined with other measures, such as length, misspellings, or variations in case, to improve the strength of your password.
-
Avoid your login name. Any part of your name, birthday, social security number, or similar information for your loved ones constitutes a bad password choice. This is one of the first things criminals will try.
-
Avoid dictionary words in any language. Criminals use sophisticated tools that can rapidly guess passwords that are based on words in multiple dictionaries, including words spelled backwards, common misspellings, and substitutions. This includes all sorts of profanity and any word you would not say in front of your children.
-
Use more than one password everywhere. If any one of the computers or online systems using this password is compromised, all of your other information protected by that password should be considered compromised as well. It is critical to use different passwords for different systems.
-
Avoid using online storage. If malicious users find these passwords stored online or on a networked computer, they have access to all your information.
The “blank password” option
-
A blank password (no password at all) on your account is more secure than a weak password such as “1234″. Criminals can easily guess a simplistic password, but on computers using Windows XP, an account without a password cannot be accessed remotely by means such as a network or the Internet. (This option is not available for Microsoft Windows 2000, Windows Me, or earlier versions) You can choose to use a blank password on your computer account if these criteria are met:
-
You only have one computer or you have several computers but you do not need to access information on one computer from another one
The computer is physically secure (you trust everyone who has physical access to the computer) -
The use of a blank password is not always a good idea. For example, a laptop computer that you take with you is probably not physically secure, so on those you should have a strong password.
Great tips! I work for Passpack which is an online password manager and considering the average user has 25 accounts, it may be stressful on the memory to remember 25 original passwords.
Password managers are designed to do the remembering for you. And with AES encryption and host-proof hosting, you don’t have to worry about anyone accessing your account but you.
Here is a quick link to our blogpost about password managers:
http://tinyurl.com/38jxny
Hope it helps!
Louise
Good post. Good points too and easy to implement too. Unfortunately not many know the importance of a secure password and just put their family members or their own names as passwords.
Good advice. I think too many people have simple passwords. Imagine someone getting into your e-mail, then your bank accounts, credit cards, university accounts etc.
I had a false alarm two months ago (lots of read e-mails when I hadn’t checked them for days) and it was not a good feeling. Turned out my friend had been reading them, which I really didn’t mind… strange but oh well!!
Thanks for sharing!
If you use a laptop and travel with it, a good password won’t protect you from someone who steals it does a careful search for credit card numbers, bank account numbers, PINs and other stuff that can be used to open credit accounts in your name. Only encryption of the actual files is any protection against an attacker who has physical access to your machine. There are several good free encryption systems out there. The general rule seems to be “The bigger the hype and the higher the price, the weaker the system.”
Leave a Reply
Subscribe to Blog RSS Feed
Recent Posts
Archives