Choosing a secure password

by Alan Morris

Passwords are more important than ever. Internet shopping and banking are more popular than ever, and many other web sites, networks and services also need passwords to log in and access content.

Far too many people take chances with their passwords and, without realising, make it far too easy for hackers and criminals to take advantage.

As a computer technician I would often need a password to access a customer's computer and, far too many times, with a few guesses I'd be in (if they hadn't stuck a post-it on the screen or told all of their work colleagues!).

As an experiment I have also tested out password cracking software on corporate servers with many hundreds of users. Within minutes the majority of passwords are cracked simply because the word is in the dictionary or the same as the username.

Common Mistakes

The favorite password of all is 'password'. Other very common ones include the person's forename, middle name, child's or spouse's name, house name, date of birth, football team or pet's name. For a hacker or criminal these passwords are easy pickings, particularly if they already know a bit about you!

What makes a Strong Password?

Passwords should never be obvious and definitely should not be written down and stuck to your computer!

To make a good password (a strong password, to use the correct terminology), a password should be more than just letters. It should contain letters, at least 1 number and 1 other character. By other characters I mean ?, @, !, *, &, %, $ etc.

Security experts love passwords like 2@c3$mY. This is a nice strong password: impossible to guess and difficult to crack. The downside is that it's also almost impossible to remember and almost as impossible to type.
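
The rules above, together with the common mistakes listed earlier, can be written as a short check. This is an added example, not part of the original article; the function name, the small sample wordlist and the personal_words parameter are assumptions made for illustration.

```python
import string

# Constructed sample wordlist; a real check would load a full dictionary file.
SAMPLE_WORDS = {"password", "salmon", "arsenal", "rover", "summer"}


def password_problems(password, username="", personal_words=(),
                      wordlist=SAMPLE_WORDS):
    """Return the list of the article's rules that this password breaks."""
    problems = []
    lowered = password.lower()

    # Common mistakes: same as the username, a dictionary word,
    # or a personal detail such as a name, team, pet or date of birth.
    if username and lowered == username.lower():
        problems.append("same as the username")
    if lowered in wordlist:
        problems.append("dictionary word")
    if lowered in {w.lower() for w in personal_words}:
        problems.append("personal detail")

    # Strong password: letters, at least 1 number and 1 other character.
    if not any(c.isalpha() for c in password):
        problems.append("no letters")
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    if not any(c in string.punctuation for c in password):
        problems.append("no other character such as ? @ ! * & % $")
    return problems


if __name__ == "__main__":
    # Constructed test cases: (password, username, personal details).
    samples = [
        ("password", "", ()),
        ("jsmith", "JSmith", ()),
        ("Rex", "", ("rex", "1975")),
        ("2@c3$mY", "jsmith", ("rex",)),
    ]
    for pw, user, personal in samples:
        found = password_problems(pw, user, personal)
        print(f"{pw!r}: {', '.join(found) if found else 'passes every rule'}")
```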



Choosing a sensible secure password

Passwords should be a good length. Generally the longer the better, but I tend to stop at 7-9 characters; any longer and it gets to be a pain to type.

My favorite method for making a password more secure is to substitute letters. If you choose 'salmon' as your password, swapping the a for an @ and the o for a 0 (zero) gives you s@lm0n. Just as easy to remember but much, much harder to guess or crack.

You can also use a '4' for an 'a', a '5' for an 's' or a '1' for an 'i', or any character that makes sense to you.

Another great method is to take a saying and take the first letter of each word to make a password. For example, 'I bet you can't guess my password' would become 'ibycgmp'.

To help me remember my passwords I always try to associate them with the web site or use. For example, the Amazon web site might make me think Amazon -> Tarzan. Then I substitute letters and I have 't@rz@n'.

Password good practice

  • Don't write it down.
  • Don't tell anyone.
  • Don't use the same password for everything.
  • Don't send them in emails.
  • Don't save passwords to your computer if anyone else has access to your computer.
  • Change a password regularly. At least once every six months for something important.
  • The more important your password, the more secure it should be!

Good passwords aren't impossible to crack, but they do mean that it takes much more time and effort to break them. With a few simple changes, your passwords can require so much effort that it's easier for the bad guys to just try someone else.