Making up passwords is something we have to do almost every day, it seems: banking web sites, forums, email accounts, webhosting accounts, mail lists, etc. But making passwords is one of the things that some people have the hardest time doing. Maybe it’s not that it’s hard to make a password, but that it’s hard to make a GOOD password. First off, what’s a good password and what’s a bad password? Anything that is a dictionary word (even in another language) is a BAD password. Personal names are usually very bad choices. Why?
Because there are password cracking programs that can go through dictionaries testing passwords very quickly. Now, one thing people have done is attempt to take dictionary words and replace characters with numbers. This is a bit better than dictionary words and is used online by l33t (leet or elite) h4x0rs (haxors or hackers)… even Google has given a nod to this with a translation of their search engine. The problem is that the cracker software has gotten to a point where it tries these substitutions (the number 0 for the letter o, 1 for l, 4 for a, etc.). So, while this is a bit better, it’s still not great.
The BEST password is one that appears to be a random string of letters and numbers. Ideally it should mix uppercase and lowercase letters and include numbers. 7Y45cVFHg3 is an example of a pretty good password, but HOW are we supposed to remember that? First off, it’s surprising how well you can memorize gibberish if you type it enough, so one suggestion might be to pick a ridiculously hard password and make a point to memorize it. But I think there is a better way.
Come up with a sentence. It can be a favorite quote or saying, or even something that you have made up. Let’s take for example “ours is not to question why, ours is but to do or die.” (I remember this quote used a lot in an old Risk video game release….)
Now, let’s take the first letter of each word: ointqwoibtdod … wow, that looks impressive, but since it’s all lower case we only have 26 character possibilities, so let’s mix the case a bit. How about we capitalize Ours Not Question Why Ours (again) But Die (everything but the 2 letter words). So now it’s OiNtQWOiBtdoD … this is looking promising. Let’s go back and do some number replacements to make it a bit more complex. 0’s for Os: 0iNtQW0iBtd0D. We could take this further: we could substitute 8 for B and 1 for i, to help us remember that EVERY letter that resembles a number is swapped. But most places make you do 6-8 character passwords, so what if that’s too long? Cut it in an easy-to-remember place… “Ours is not to question why” can be distilled down to 0iNtQW, or if you want an 8 character password take the second half… 0iBtd0D
This may still look very difficult, but play around with the idea, creating sentences of your own. Then work with them for practice. In some circumstances you may not want to limit it to just the first letter; you might take a few characters…. For the word thinking, you might take th or thk or just tk, whatever you think you will be best able to remember. You may also play around with your number substitutions. Who remembers the phrase “best friends 4 ever”…. I think you get the idea at this point.
No, I don’t use any of the above suggested passwords and neither should you. The more practice you put in at making good passwords the better you are at it.
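The sentence method above and the substitution problem described earlier can be put side by side in code. This is an added example, not part of the original post: the function names are hypothetical, and `WORDS` is a constructed stand-in for the full dictionary a real password check would load.

```python
import re
from itertools import product

# Digits that cracking tools undo, per the post: 0 for o, 1 for l, 4 for a.
# 1 is also tried as i and 8 as b, the two extra swaps the post mentions.
LEET = {"0": "o", "1": "li", "4": "a", "8": "b"}

# Constructed sample word list (assumption); use a real dictionary in practice.
WORDS = {"password", "william", "dragon"}

# The post's basic swap (0 for O) and its "take this further" variant.
BASIC_SWAPS = {"O": "0", "o": "0"}
FULL_SWAPS = {"O": "0", "o": "0", "B": "8", "i": "1"}


def deleet_variants(password):
    """Return every lowercase reading of password with digit swaps undone."""
    choices = [LEET.get(ch, ch) for ch in password.lower()]
    return {"".join(combo) for combo in product(*choices)}


def is_dictionary_based(password, words=WORDS):
    """True if the password is a listed word once digit swaps are reversed."""
    return any(variant in words for variant in deleet_variants(password))


def sentence_to_password(sentence, swaps=BASIC_SWAPS):
    """First letter of each word, capitalised unless the word has 2 letters
    or fewer, then letter-to-digit swaps applied."""
    words = re.findall(r"[A-Za-z]+", sentence)
    initials = [w[0].upper() if len(w) > 2 else w[0].lower() for w in words]
    return "".join(swaps.get(ch, ch) for ch in initials)


if __name__ == "__main__":
    quote = "ours is not to question why, ours is but to do or die"
    derived = sentence_to_password(quote)
    for candidate in ("p4ssw0rd", "w1ll14m", derived):
        verdict = "dictionary-based" if is_dictionary_based(candidate) else "not in word list"
        print(f"{candidate}: {verdict}")
```

A substituted dictionary word or personal name is caught as soon as the digits are reversed, while the sentence-derived string has no word underneath it to recover.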