Use tough passwords but make them easy to recall
You can see whether your current passwords (you do use more than one, right?) are rated “strong” by using Microsoft’s online Password Checker. I bet you’ll be unpleasantly surprised by the results.
The three keys to strong passwords are length, randomness, and use of different types of characters. Each additional character multiplies the potential combinations a brute-force attack must try.
Random passwords use upper- and lower-case letters, numbers, and symbols. When at least three of these four categories are used, an eight-character password should suffice in most instances. According to the FrontLine security site, such a password would take a century or more to crack by a hacker using a single PC. The eight-character standard is also the minimum the Microsoft Password Checker deems “strong.” Of course, the more characters in your password, the safer you’ll be.
If you wish to create your own password, use a sentence or phrase you can recall easily and then tweak it for each account.
For example, start with the phrase “all good things come to those who wait.” Then take the second letter of each word — or the only letter in the case of single-character words — to yield lohoohha. Then use upper case for every other consonant and substitute numerals or punctuation for certain vowels: loHooHh@.
(Never use any password-creation system you’ve read in a book or on the Web, including the example in the preceding paragraph. The password crackers read these articles, too.)
You can be as creative as you want with your rules. The goal is to produce a random-seeming combination of letters, numbers, and special characters, one generated by a set of rules you can remember and recreate.
Next, add a few characters denoting the site or the account for which the password is required. For example, you could add the first three letters of the site URL to the beginning, middle, or end of your base password, but five letters later in the alphabet, so “ama” for Amazon.com becomes frf.
By this time, you’ll likely have a password that’s at least 8 to 16 characters long and fairly random-looking, strong by any measure. When you need to change a password, keep the same rules and change just the base phrase.
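The derivation above, carried through as an added Python example (not from the original article): it applies the second-letter rule and the five-letter site shift, then reports how many of the four character categories the result uses and which positions actually differ between two sites. Wrapping past "z" back to "a", appending the tag at the end, and the second site name are assumptions; the capitalisation and substitution step is taken as the article's finished base loHooHh@.

```python
import string

def base_from_phrase(phrase):
    """Second letter of each word, or the only letter of a one-letter word."""
    words = [w.strip(string.punctuation) for w in phrase.split()]
    return "".join(w[1] if len(w) > 1 else w for w in words if w)

def site_tag(site, shift=5, n=3):
    """First n letters of the site name, each moved `shift` letters later.
    Assumption: letters past 'z' wrap around to 'a'."""
    letters = [c for c in site.lower() if "a" <= c <= "z"][:n]
    return "".join(chr((ord(c) - ord("a") + shift) % 26 + ord("a")) for c in letters)

def site_password(base, site):
    """Assumption: the tag goes at the end (the article also allows start or middle)."""
    return base + site_tag(site)

def char_classes(password):
    """How many of the four categories (lower, upper, digit, symbol) are present."""
    checks = (str.islower, str.isupper, str.isdigit, lambda c: not c.isalnum())
    return sum(any(check(c) for c in password) for check in checks)

def differing_positions(a, b):
    """Indexes at which two equal-length passwords differ."""
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]

if __name__ == "__main__":
    phrase = "all good things come to those who wait."
    print("raw base:", base_from_phrase(phrase))      # before tweaking case/vowels
    base = "loHooHh@"                                   # the article's tweaked base
    first = site_password(base, "Amazon.com")
    second = site_password(base, "example.org")        # constructed second site
    for pw in (first, second):
        print(pw, "length", len(pw), "categories", char_classes(pw))
    # Only the tag varies from site to site; everything else is shared.
    print("positions that differ:", differing_positions(first, second))
```

The last line of output is the point to weigh when adopting a scheme like this: the per-site variation is confined to the short tag, so the base phrase carries almost all of the password's strength.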