Published on April 30th, 2015 | by adminbill0
Passwords are the first line of defence between your personal information and the world.
Choosing a strong, memorable and secure password is a key step you have to go through before signing up for accounts with the various web services and apps on offer.
It’s easy to fall into the trap of using a single password for all of your accounts but, think about it, in the event that your password falls into the wrong hands then all your accounts will be compromised. Using a unique password for every one of your important accounts like email and online banking is an easy and sensible precaution to take.
Avoid using common and obvious words or phrases like your first and last name, or your favourite football team. Also avoid using publicly available details like your phone number; it is neither original nor very safe!
How to create a strong password
1. Pick a base word phrase
A good, easy-to-remember password starts off with a base word phrase. A base word phrase is a sentence: a quote, a slogan or some kind of catch phrase that is meaningful to you.
e.g. I Think Therefore I Am
2. Form the root of your password
Take the first letter of each word in the base phrase to form the root of your password. You’ll be adding more letters and numbers to this root to make it harder to crack, yet logical and memorable for you and only you.
e.g. I Think Therefore I Am
3. Lengthen the root by adding words and numbers
For a password to be strong it has to be at least 6 or 8 characters long. Most websites won’t let you register for an account if you input a password that’s shorter than 6 characters, while some only accept passwords that are at least 8 characters long.
To increase the length of our root you can simply add in the name of the website or service you’ll be using the password for.
You can also add in some numbers to make it even stronger and tougher for hackers to crack. An easy thing to add would be the last two digits of your birth year.
Our example password is already 15 characters long, which is considered exceptionally difficult to hack. Microsoft doesn’t put encrypted passwords in hidden files when they’re over 15 characters since it considers them to be at a very high level of security.
4. Swap in numbers, symbols and uppercase characters
You can boost your password strength to epic proportions by changing some of the password letters into numbers (l33t-speak, anyone?), adding extra symbols and including uppercase and lowercase letters within the password. This is called ‘character scrambling’ and serves to make your password even less predictable for hackers who use dictionary attacks.
a) Changing letters into numbers and symbols:
b) Adding extra symbols:
c) Using mixed letter cases
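Steps 1 to 4 worked through in code, as an added example that is not part of the original article. The substitution table, the `_` separator, the site names and the function names are assumptions chosen for illustration; the checker applies the article's own rules (minimum length, mixed character types, no personal details).

```python
import re

# Assumed substitution table (illustrative; not taken from the article).
SWAPS = {"a": "@", "i": "1", "o": "0", "s": "$"}

# Character classes the article asks for in step 4.
REQUIRED = [
    ("no lowercase", r"[a-z]"),
    ("no uppercase", r"[A-Z]"),
    ("no digit", r"[0-9]"),
    ("no symbol", r"[^A-Za-z0-9]"),
]


def root_from_phrase(phrase):
    """Step 2: take the first letter of each word in the base phrase."""
    return "".join(word[0] for word in phrase.split())


def build_password(phrase, site, year, separator="_"):
    """Steps 2-4: root, then site name and two-digit year, then swaps."""
    root = root_from_phrase(phrase)                # capitals come from the phrase
    site_part = "".join(SWAPS.get(c, c) for c in site.lower())  # step 4a
    year_part = f"{year % 100:02d}"                # step 3: last two digits
    return separator.join([root, site_part, year_part])  # step 4b: extra symbol


def check_password(password, personal_details=(), min_length=8):
    """Return the article's rules that the password breaks (empty = passes)."""
    problems = []
    if len(password) < min_length:
        problems.append("too short")
    for label, pattern in REQUIRED:
        if not re.search(pattern, password):
            problems.append(label)
    for detail in personal_details:
        if detail and detail.lower() in password.lower():
            problems.append(f"contains personal detail: {detail}")
    return problems


if __name__ == "__main__":
    # Constructed sample input: the article's phrase, placeholder site names.
    for site in ("example", "webmail"):
        pw = build_password("I Think Therefore I Am", site, 1995)
        print(site, pw, len(pw), check_password(pw))
```

Because the site name is part of the result, each account gets a different password from the same base phrase.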
5. Remember to change your password regularly
If you’re using your password for work-related information or any kind of highly-sensitive data, then it is very important to change your password at least once a month.
At home, you don’t need to change your passwords so frequently, once every 90 days (three months) should do the trick if you want to stay safe.
Coming up with a new password every single time can be a major inconvenience, so a simpler way to go about it is to shift around the order of the words in your password so that you end up with a list of similar (but not identical) passwords that you can rotate regularly.
Say, if you want to change your home password once every three months, then having a list of four passwords and rotating between them should be enough.
Password management tools
Using a password management tool (e.g. LastPass and KeePass) is a great way to store and remember passwords securely. These programs keep a list of all your usernames and passwords in an encrypted form and will automatically fill in the username and password information on websites or apps you regularly use on your home device.
Of course, maintaining good password hygiene is important when using computers in networked or public places. Remembering to log out of your accounts, deleting your history and making sure the ‘keep me logged in’ option is unchecked are useful habits that make sure you don’t inadvertently give someone a free pass to all your information.
Setting up your password recovery options
In case you forget your password or you get locked out of your account, you’ll need an alternative way to get back into your account.
Many online services will send you an email with a special link that will reset your password and let you set a new one. You should ensure that your recovery email address is up-to-date and that it still works (i.e. the account is still active and you haven’t exceeded your inbox storage limit).
Some websites let you add a mobile phone number so that you can receive a code via text message to reset your password. Having a mobile phone number on your account is one of the easiest and most reliable ways to help keep your account safe.
However, if you can’t or don’t want to add a phone number to your account, many websites may ask you to choose a security question to verify your identity in case you forget your password.
The questions are usually about things that only you would know or remember (like your first pet’s name or the name of your favourite teacher at school). However, this is quite a weak way of protecting your account.
One way to beef it up is by changing the way you input your password using the examples given before. For example, if your first pet’s name was Sparky and you got him in 1995, then the answer could be written thus: Sp@RkY_95.