In our last post, I discussed the 8 Most Common Techniques Hackers Use to Crack Passwords. Yet, for many it can be slightly confusing as to how they should protect themselves from being victims of these techniques. So for today’s post, I will outline the best practices for creating a secure password.
Tips for a Secure Password
Keep it Non-Sequential
Avoid Consecutive keyboard combinations – such as “qwerty” or “asdfg”. Splashdata rated the most common passwords for 2014 and found that “123456” was the most common password. “12345”, “12345678” and “1234” were also in the top 5 passwords that were hacked.
Keep it Uncommon
Don’t use dictionary words, in any language. This should include slang terms, common misspellings or common words spelled backwards. The second most common Splashdata password that was hacked in 2014 was in fact “Password”. Using terms like this allow for hackers to easily by-pass your security measures.
Keep it Complex
Each password that you use should include at LEAST one character from each of the following categories:
- Lower-case Letters
- Upper-case Letters
- Special Characters (!@#$%^&*)
Keep it Fresh
Change your password every 3 months and avoid repeating the passwords within a year of each other.
Keep it Generic
Avoid using any kind of personally identifiable information in your password.
Keep it Long
Your password should contain no fewer than 8 characters. But with password security, the longer the better. Longer passwords are harder to be cracked by hackers.
Keep it Easy to Remember, but Hard to Guess
There are many ways to do this, some common suggestions are:
- using phrases like “I got my car in 2009” and use the first letter of each word for your password, “iGMC!2009”
- Use a nursery rhyme, for example, take “Little Boy Blue come blow your horn. The sheep’s in the meadow. The cow’s in the corn.” Now use the first letter of each word, and turn your L’s into 7’s and S’ into 5s. You get “7bbcbyhT5itmTcinc!”
- Use the same logic with the nursery rhyme and apply it to a favorite quote, for example “To be or not to be, that is the question” could become “2BorNot2B_ThatIsThe?”
Keep it Diverse
Do not use the same password for all of your accounts. Make sure that you keep things different.
After you come up with a password, you should test it at an online service to let you know if it is in fact secure. Now, you don’t want to go typing your password in just anywhere, as that could easily lead to your data being stolen. However, there are a few resources that are safe and will let you know if your password is strong. Check out HowSecureIsMyPassword sponsored by RoboForm or Microsoft’s Password Checker.
Once you are sure of your password’s strength, there is one last item that will ensure its security:
Keep it Private
This is definitely the most important thing on the list of tips for a secure password.
- Don’t enter passwords when using unsecured Wi-Fi
- Don’t enter passwords on computers you don’t control
- Don’t let anyone watch you type in your password
- Don’t let your browser remember your password
- Don’t leave your device without logging out
- Don’t tell anyone your password
- Don’t write it down and leave it by your computer
Using these guidelines you are sure to be able to create your own secure password. Be sure to follow whatever works best for you and your situation.