Creating good passwords

Why are passwords important? They keep people from getting into your stuff.¬†Online banking websites are password protected for obvious reasons. Even Email, Facebook, Twitter, and other websites may not have much personal information in them, but they’re password protected for a reason too.

What could happen if you didn’t password protect your email?

Well, someone could play a joke on you and send out a nasty email to your Mom, or send out one to your girlfriend and call her Jackie when her name is Susan. Not good. How do you prove it wasn’t you?

How about if a Spammer hacks into your email account and uses your account to send out a bunch of spam advertising the latest in male enhancement drugs and Grandma gets it? Definitely not good.

Go ahead, give everyone your Twitter password and see what happens.

You get the picture. It’s good to keep your accounts secure with good passwords. But what makes a good password? What is a bad password?

Let’s start with the bad passwords.

“Password” is NOT a good password. Neither is password1. Don’t use 123456, qwerty, letmein, 111111, iloveyou, or superman. These passwords are WAY too obvious and can be easily guessed by friends or hacked by bad people.

Things to avoid.

  • Don’t use your birth date or your kid’s name or your pet’s name.
  • Never use your name.
  • Avoid any dictionary words, because they can be hacked in milliseconds.
  • Don’t just add a 1 to the end of your password. (Ex: password1)
  • Don’t double your words. (Ex: puppypuppy)
  • Don’t reverse your words. (Ex: yppup)
  • Avoid keyboard sequences. (Ex: qwerty, asdf)

Check out this list of the 25 of the most common passwords. If yours is listed, consider changing it!
http://blog.brickhousesecurity.com/2011/11/28/top-25-worst-passwords-of-2011/

So what makes a good password?

The best password is at least eight characters, uses a combination of upper and lower case letters, numbers, and special characters, and doesn’t use common words.

Say your password right now is Panther. That’s probably your cat’s name right? All it takes is for you to post a photo on Facebook with your cat’s name and BOOM! Someone has figured out your password.

Let’s see if we can fix it.

Bad: panther

Better: Panther295

Best: P@nth3r295

Yes, it’s harder to type, but it’s also harder to crack. You’ve used a combination of upper and lower case letters, numbers, and special characters. But you’ve also still used a common word.

I suggest an Acronym approach to passwords. Think about a favorite phrase, song title, movie title, or Bible passage. Something with a few words in it, but not something that is frequently referred to by its initials. For instance, you may love Kentucky Fried Chicken, but KFC has become much too common to use for a password.

How about this? Using the song, These Boots are Made for Walking, I’m going to take the first initial of each word:

TBAMFW

Good, but we need some variation. Let’s throw a number in there.

TBAM4W

Better. But maybe a few more changes.

Tbam4w

Actually, not bad. It’s a pretty good password. We could make it even more secure if you want.

Tb@m4w!2

Using the website, How Secure Is My Password, let’s look at how secure each password is. The numbers represent how long it would take some good hacking software to crack the passwords.

TBAMFW: 0.077228944 seconds

TBAM4W: 0.544195584 seconds

Tbam4w: 14 seconds

Tb@m4w!2: 3 days

The more characters you use, the harder it is to hack. Add a couple more to our eight character example and see how long it takes:

Tb@m4w!2xx: 58 years

See how I changed the ‘a’ to ‘@’? This is a good idea, but do not depend on this entirely, especially if you’re using a common word or name. Put random characters in. For instance, p@$$w0rd is almost as common as password!

So, how easy is your password to crack? http://howsecureismypassword.net/

One more thing. DO NOT WRITE DOWN YOUR PASSWORD AND LEAVE IT ON YOUR DESK!

That is all.

Tracy

Comments are closed.