
Train yourself to use strong passwords

With the uptick in cybercrime in recent years, it is critical that we don’t lose sight of the simplest precaution we must take to protect ourselves – using strong passwords. We might think it’ll never happen to us, but the latest security breach at LinkedIn is a reminder that a strong password is our last line of defense when it comes to protecting our personal information from hackers.


A strong password is one that’s difficult to guess by humans and computers, is at least 6 characters, preferably more, and is a combination of upper- and lower-case letters, numbers and symbols.

Experts also recommend that you:

  • Don’t use common passwords that are easy to crack like “12345”, “abc123” and “password.”
  • Use the full keyboard including letters, numbers and special characters in seemingly random sequence, not in the order they appear on the keyboard, like “1q2w3e”.
  • Don’t use any words from the dictionary. Also avoid proper nouns or foreign words.
  • Don’t use anything remotely related to your name, nickname, family members or pets.
  • Don’t use any numbers someone could guess by looking at your mail like phone numbers and street numbers.
  • Don’t reuse your last 15 passwords, and change them every 90 days.

Right, you say. I’m lucky I remember which password goes with which account! (You aren’t using the same password for all of your accounts, are you?) Luckily, there are ways to make remembering strong passwords easy:

  • Use phonetic spellings of words and substitute some letters for numbers or characters that resemble them. For example, replace “t” with “+,” “s” with “$”, and “p” with “9”.
  • Choose a phrase that means something to you, take the first letters of each word and convert some into numbers and characters.
  • Use an adaptable base password: a base password combined with additional characters depending on the context. For example, take the first letters of each word of your favorite quote and add every consonant in a brief description of what the password is used for, like “2bon2bbnkccnt.”

These strategies can be combined to make for some pretty strong passwords that are difficult to crack, even for a computer program.

If you really want to get serious about strong passwords you can use Diceware. Basically, Diceware is a method for choosing passphrases that uses the results of five dice rolls per word in your passphrase. The resulting numbers are matched to random words in the Diceware Word List. You then combine the random words to make your passphrase. The site recommends choosing between five and seven words for your passphrase.
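The Diceware procedure described above, as an added example (not code from the original article or from the Diceware site): it simulates the five dice rolls per word with Python's `secrets` CSPRNG, looks each roll up in a word list, and computes the entropy of the resulting passphrase. The word list is a constructed placeholder, and every function name is an assumption made for this illustration.

```python
import math
import re
import secrets
from itertools import product

ROLLS_PER_WORD = 5                      # five dice rolls select one word
LIST_SIZE = 6 ** ROLLS_PER_WORD         # 7776 possible roll results
ENTRY = re.compile(r"^([1-6]{5})\s+(\S+)$")

def constructed_wordlist_text():
    """Constructed stand-in for a Diceware-style list ('11111 w11111' ...).
    Swap in the text of a real word list file for actual use."""
    keys = ("".join(k) for k in product("123456", repeat=ROLLS_PER_WORD))
    return "\n".join(f"{k}\tw{k}" for k in keys)

def parse_wordlist(text):
    """Map each five-digit roll key to its word; skip non-entry lines."""
    words = {}
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            words[m.group(1)] = m.group(2)
    # Every roll must resolve to a distinct word, or the choice is not uniform.
    if len(words) != LIST_SIZE or len(set(words.values())) != LIST_SIZE:
        raise ValueError("word list must hold 7776 unique entries")
    return words

def roll_key(rng=secrets):
    """Simulate five fair dice with the OS CSPRNG (not the random module)."""
    return "".join(str(rng.randbelow(6) + 1) for _ in range(ROLLS_PER_WORD))

def generate_passphrase(words, n_words=6, rng=secrets):
    if n_words < 1:
        raise ValueError("need at least one word")
    return " ".join(words[roll_key(rng)] for _ in range(n_words))

def entropy_bits(n_words):
    """Bits of entropy when every word is an independent uniform pick."""
    return n_words * math.log2(LIST_SIZE)

if __name__ == "__main__":
    wl = parse_wordlist(constructed_wordlist_text())
    for n in (5, 6, 7):                 # the range the article cites
        print(n, "words:", round(entropy_bits(n), 1), "bits")
    print(generate_passphrase(wl, 6))
```

Each word contributes about 12.9 bits, so the strength comes from the number of independent random picks, not from the words being obscure.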

If the latest high profile security breaches have you thinking you need to come up with better passwords before your accounts get hacked, use these guidelines to get started today. While it may seem like overkill, you’ll be thanking your lucky stars the day your favorite social network – or worse, your credit card company – gets hacked.

By Megan Berry

About the author: A senior editor for IT Manager Daily, Megan covers the latest IT and business technology trends and delivers actionable insights for IT pros.


11 Comments

  1. Jake says:

    Yeah never make your passwords obvious and mix it up with different types of characters. Put a # in and a number there, and a ! there. Upper case and lower case, and change it up for different platforms you are a part of.

  2. Aaron says:

    Not only should you have a healthy combination like you had indicated but be sure to change your password every month or so. You will increase the odds of being safe that way.

  3. Tonny says:

    Finally some great suggestions.

    All my friends have the same password for every website, which is so risky!
    Another tip I can recommend is to customize your password to each website by using the first letter or last letter of the domain name in the password.

  4. Asanda says:

    Selecting a strong password is really important, especially if you’re putting a business online or indulging in activities that involve critical information. In my own opinion though, the problem is not with the weak password. It’s the lack of knowledge of the stuff that actually hacks your password, like phishing links. This is the most common reason for accounts getting hacked. It does make sense because there’s no way that a hacker can guess your password because it’s weak or something like that. If you’re doing business at home then you’re the only one who gets access to your computer, so there’s really no way that your account is going to get hacked even if you have a weak password, unless you got into a phishing link or online keyloggers. Besides, if you happen to get caught in this type of stuff, then no matter how strong your password is, it will still be recorded and your account gets hacked.

  5. Briana says:

    Strong passwords are important but don’t use the same password for different accounts you have. If you have a password for a Facebook account, don’t make it the same as your password for your Gmail, etc. Vary it up and that lessens the odds of getting hacked.

  6. Troy says:

    One thing to never do is use a password that is incredibly easy for people to figure out. Of course when you register for something now, and you are choosing your password, there is an indicator that tells you whether your password is strong enough. I agree, mix it up with symbols and numbers.

  7. Jim says:

    Mixing up your password characters and changing them every month or so is the safest thing you can do. And yes, do not use the same password for different platforms you are on. If one is hacked, before you know it the rest will be too. You don’t want that.

  8. Yvette says:

    Well I have never been hacked and I think mixing up the characters in your password does help. Everyone should do it as the odds of you staying safe are higher that way.

  9. April says:

    People use the same password in different platforms because it is easier to not dig up for your password each time you want to go on a different blogging or social media platform. This article proves that.

  10. nalin says:

    Very true. But once I was not able to recall the password as it was not common and I ended up resetting the password to one that I would easily recollect. But I make sure that my password doesn’t match for two different websites. Using phonetic spellings of words is a great idea. I would definitely share this with my friends.

  11. Thrawn says:

    6 characters minimum? An attacker can brute-force the whole set of 6-character hashes in a couple of minutes. Try 12 characters, preferably more.

    And if you need to change your passwords every 90 days, then they are far too weak. They should only be changed if there is a known/suspected leak.

    The systems that this article recommends for making your password stronger will do only a very little bit to help you. Attackers are smart. They know more about these password-strengthening systems than 99.9% of their targets do – including the author of this article, and every commenter including myself – and they develop tools that specifically look for patterns of first-letters-of-quotations, phonetic replacements, etc.

    The only really good system mentioned in this article is diceware. An attacker can quickly guess a dictionary word, but a random sequence of 4 or 5 dictionary words is a completely different story. No computer currently in existence can crack a sequence of 5 random dictionary words within your lifetime. Yet it’s relatively easy to memorise.

    If you are going to recommend using completely random sequences of characters, then yes, password management software is the way to go. It’s just not possible for ordinary human beings to remember a unique long gibberish password for each account without help (we aren’t even very good at inventing them; we’re too predictable). But there are plenty of free options available, both locally and remotely hosted (Password Safe, KeePass, 1Password, LastPass, etc).
