Passwords – 10 Tips

If you use a computer, tablet or smartphone (or even a fridge, it seems, these days!) and want to keep your data safe... use a password.

If you surf the web and want to keep your identity secure... use a password.

If you want that password to be effective... you had better make sure it's a good one.

Passwords are used every day for a variety of reasons and a strong, extremely difficult to guess one is vital in protecting you from identity thieves, scam artists, potential data breachers and all manner of other bad guys.

So just how do you come up with an effective password?

Here are 10 very basic tips to help you do just that –

  1. Make your passwords from a combination of letters, numbers and symbols, but be sensible about it – don’t think for a minute that this alone will allow you to create safe passwords. Just because you can swap the letter ‘a’ with an ‘@’ symbol, don’t think that a password cracker won’t do the exact same thing. A word such as ‘s3x’ is only very slightly more secure than the regular spelling of the same word.
  2. Change your password every 3 months or so.
  3. Use a different password for every account, app or program that you use – if you don’t, and someone guesses or cracks your password, then all your accounts are immediately at risk.
  4. Always use a combination of at least 8 characters (and I would say that’s an absolute minimum – lengthier passwords are highly desirable).
  5. Mix upper and lower case letters and don’t necessarily just use caps for the first letter either as that is a fairly predictable tactic.
  6. Use a phrase with no spaces (don’t use proper spelling, i.e. ‘dictionary words’ though) but mix it up with numbers and/or symbols – words are very easy for a password cracker to guess. End of. Making a password out of more than one word doesn’t add very much at all to the difficulty of cracking it. Passwords such as ‘letmein’ are remarkably easy to guess. You need to be much cleverer than that!
  7. Never use personal information – if someone has specifically targeted you then they will already know a great deal about you. If not, and they are determined enough, then they could probably find out a lot more about you than you realise by searching on the internet. Therefore, any words, numbers or phrases that can be connected to you are bad choices. For example, your name, date of birth, mother’s maiden name, etc are all bad password choices.
  8. Never use common single words (for example, cat, blue, etc) – the length of a password doesn’t usually have much bearing on how long it would take a hacker to break it. If you are using proper words, of any language, then a dictionary attack will always succeed sooner or later. Password crackers are, generally speaking, looking to get results in the shortest possible time frame. If your password is easily guessed with a dictionary attack then you will be a quick and easy victim. To avoid such password guessing tools you want to avoid words, especially the most commonly used ones, such as sex, dragon, love, god, pass and password.
  9. Never, ever share your passwords with anyone. Period.
  10. Use a password manager – they become invaluable as your list of login credentials grows.
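
The check below is an added example, not part of the original post: it shows why the swaps in tip 1 and the run-together words in tips 6 and 8 add so little, by undoing them and looking the result up in a word list, and it also applies tips 4 and 7. The word list, substitution table and function names are assumptions made for illustration.

```python
import string

# Symbol-for-letter swaps a cracking rule set would also try (tip 1).
LEET = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "i", "!": "i",
                      "0": "o", "$": "s", "5": "s", "7": "t"})
# Constructed sample list from the words named in the tips; a real check
# would load a large list of common passwords and dictionary words.
COMMON_WORDS = {"sex", "dragon", "love", "god", "pass", "password",
                "let", "me", "in", "cat", "blue"}
MIN_LENGTH = 8  # tip 4's absolute minimum


def normalise(password):
    """Lower-case the password and undo common swaps (tips 1 and 5)."""
    return password.lower().translate(LEET)


def is_word_sequence(text, words=COMMON_WORDS):
    """True if text is one or more listed words run together (tips 6, 8)."""
    # reachable[i] is True when text[:i] splits cleanly into listed words.
    reachable = [True] + [False] * len(text)
    for end in range(1, len(text) + 1):
        reachable[end] = any(reachable[start] and text[start:end] in words
                             for start in range(end))
    return bool(text) and reachable[-1]


def check_password(password, personal=()):
    """Return the reasons a password is weak; an empty list means none found."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 8 characters")
    # Also test the password with trailing digits/punctuation removed,
    # since 'dragon123' is still just 'dragon' once the suffix is dropped.
    trimmed = password.rstrip(string.digits + string.punctuation)
    if any(is_word_sequence(normalise(p)) for p in (password, trimmed)):
        problems.append("dictionary words, even after substitutions")
    lowered = password.lower()
    if any(item.lower() in lowered for item in personal if item):
        problems.append("contains personal information")
    return problems
```

An empty result only means none of these particular checks fired; it does not replace tips 3, 9 and 10.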

Can you think of any other tips for creating an effective password?

3 Comments

  1. As you say, using any sort of word in a password is problematic, #6 is very important.

    The next most important thing is to implement two factor authentication if it is available. A lot of online services now have this but you need to enable it manually.

    Darragh

    • Lee Munson says:

      I agree about 2fa but, as you know, it is not universal yet by any means, even if it is slowly gaining in popularity and usage.
