Creating better passwords

Strong passwords are a necessity these days. Think of them as a prevention method to keep unwanted people out of your personal files and information, just as the lock on your front door is a prevention method to keep unwanted people out of your living room.

Bad habits

Many people use easy passwords to remember such as their name, phone number, or street address. Although convenient, this is a very insecure way to store information. If you are going to use something that is so easily breakable, why have it at all? Why even have doors on your house? Having a weak password is an invitation for intruders to come in.

Why they are breakable

You already understand the need for a deadbolt instead of a doorknob without a lock. If an intruder wants to break in, it is much more difficult to get in through a door with a deadbolt, doorknob lock, chain lock, and guard dog behind it. You may also understand the tools necessary to break in become more complex as you increase security to your front door. Instead of simply turning a knob, they might need a lock pick kit and a sirloin for your dog. What you may not realize is what it takes to crack a password on your computer. If a user can gain remote access to your PC and they are prompted for a password, they also have tools available at their disposal.
A tool to crack passwords is known as, simply enough, a password cracker. They come in two basic varieties, dictionary and brute force. A dictionary cracker generates passwords based on word lists. These passwords are tried against the login of the target machine until one works.
Password lists can be made to suit the target. An attacker can gather information from knowing you or your Facebook page, which is why if you got your new dog scruffy for your February birthday, your password should not be scruffy02.
A brute force cracker, on the other hand, tries all possible combinations of characters until the correct password is chosen. This can be time consuming, but given enough time, it can usually do the job. However, the weaker the password, the less time it would take to crack, which takes us to…

Strong Passwords

The equivalent of a deadbolt lock on a steel door (difficult to break) is the use of a strong password on your computer. The same goes for all of your online accounts. What is meant by ‘strong’? A long and complex password, which has at least 8 characters including upper case, lower case, numbers, and special characters. The shorter and weaker your password is, the faster it can be cracked.

Creating strong passwords

You may ask yourself how to create a strong password, or how you will remember them if they are so complex. The answer is to follow the steps below.

1. Use a phrase instead of a word.
Example: Instead of a word and number that means something to you, like scruffy02 (a weak combination of your dog’s name and birthday month), think of a phrase that means something to you, like “my dog scruffy was a pleasant birthday gift”

2. Take the first (or last) letter from each word to make a set of letters.
Example: “my dog scruffy was a pleasant birthday gift” turns to “mdswapbg”

3. Substitute certain numbers and special characters for certain letters.
Example: The number 4 resembles an “A”, the number 0 looks like an “O”, the symbol $ could be an “S”. Use these, or other creative uses for numbers and symbols to replace those letters in your password.
mdswapbg turns to md$w4pbg

4. Add punctuation before, after, or both.
md$w4pbg turns to md$w4pbg!

5. Capitalize strategic letters.
md$w4pbg! turns to Md$w4pbG!

6. Add extra symbols for strength
Md$w4pbG! turns to *Md$w4pbG!*

And there you have a much stronger password than scruffy02. This may seem a bit extreme at first, but after typing it out a few times, you’ll get used to it and you’ll remember it.

Other password tips:

Use a separate password for each account. If your password is stolen or cracked, all of your accounts will be compromised. Do not take this risk.
Never give your password to anyone. This includes emails requesting your password threatening to close your account (referred to as phishing scams), to your co-worker ‘just this once’, or to your dog scruffy.
If you must write down your passwords, do so on paper (not on your computer!) and keep them locked in a safe.
Change your passwords on a regular basis, at least every 60 days. Remember, given enough time, pretty much any password can be cracked.

Remember, all of this is only necessary if you prefer to keep your information private.