This week's tip it brought to you by the letters: ********I am going to talk about passwords today. There is many people who have insecure passwords and even some who think that they have a secure one but don't. I am going to give you tips on how to create a difficult and secure password that is also easy to remember. (all the passwords in my examples will have "quotes" around them and should always be ignored)
Take a moment to look at the picture of the keyboard Rubik's cube I put at the top of the post. I've taken the time to learn the secrets of the regular Rubik's cube and by those standards the cube in the picture is several times more difficult to solve. There's a few key point's that I am going to cover to help you create your own secure password that will be just as difficult for people to break as that cube is to solve.
What to Avoid:
The most common mistakes in creating a password is to use either the word: "password" or your username as your password, both of those are bad and shouldn't be done. Some places won't let you even use those as your password. Repetition, adding multiple or sequential letters or numbers, is bad try not to use more than 2 in a row. (example: aaaaa, gggggg, 11111, 12345, abcde... ect) Using the words: "root" "admin" or "administrator" is also a bad thing as they are common default passwords. having all the same type of characters. Using information that you used when registering such as your email address, or your name first and or last birthday. (it's alright to include this information in your password as long as you add other stuff to it. I'll give more details on this later.)
Complexity:
The more complex the password is the more secure it becomes. Just as the cube in my metaphor becomes more complex the harder it is to solve. The keyboard is full of characters that you can use for your password. There is 4 types of characters that can be used for a password they are: letters lowercase and capital, numbers, and then special characters. (!@#$%^&* are some examples of special characters) Most passwords will allow all of the letters and numbers to be used but some of the special characters can't be used, for example the space bar is technically a special character. Most places will require a password length of at least 6 characters but I would recommend longer at least 8-10. Having a complex password using all 4 types of characters with a good length will help to keep the bad people out.
Multiple Passwords:
Most people have multiple logins to multiple places. Email, Banks, Facebook, and other places. Having the same password for everything can be a big risk because some places might not have the same security protection as say your bank does. So "the bad guys" can crack your password in a less secure place and then get access to your bank account. Having a different password for each place is best but can cause issues with remembering your passwords. I would recommend that you come up with 2 or 3 different passwords with different security levels. (I'll cover creating passwords later)
Remembering your password:
So I made up a very secure password: "DFoef22134DSjl3*^&%*342t9dfs\njf" but the second I typed it in I forgot it. Writing it down on paper or typing it in a document on your computer is not a good idea. If some one got access to your list of passwords they would now have access to everything. Pick out 2 things that are memorable to you and turn that into your password. Things like a birth date, pets name, hobbies or other things that are eventful or personal to you. (for exaple: I'll take blog and todays date and make it a password: "blog22811" again I'll be getting to creating a password soon)
Character replacement can help you remember your password. This is where you take a word and replace 1 character with another. Replacing a lower case letter with an upper case letter is very easy to remember especially when it's the first letter of a word. Replacing a number with a special character is also easy to do. Take a look at the number 5 you should see % above it, as you know holding shift while pressing the number 5 will give you a %. So if your creating a password with a date in that has the number 5 some where you could hold shift while pressing the 5 to add more complexity to your password while it's still more memorable than just random characters. Replacing letters with numbers or characters, this can be a little tricky but can help. the characters @ and a, o and 0 (zero), i and !, l and 1, 8 and & all look the same and could be replaced with each other while still making the password memorable.
I mentioned before about creating multiple passwords to help remember multiple passwords I would recommend you create some kind of theme to help you remember them. I'm not a sports fan but if you are you could do something like picking out your favorite teams, players, and combining it with dates they won big games or the players number, using this example you could create an endless number of passwords with a similar theme that will help you remember.
Adding complexity will always make the password a little harder to remember. Make sure that after you pick a password that you practice it a few times to help you remember it.
You can also use a password layout to help remember your passwords. This would be something like always have a name followed by date for all your passwords or holding shift in the same places in all your passwords. (I'll give more examples of this when talking about creating your password)
Chang your password:
Depending on how secure you want your password to be should determine how often you should change it. Things like bank passwords and other financial sites should have the most secure password as well as frequent password changes, every 3 months or so. Other places like facebook or twitter would probably be fine to never change it. Maybe change it once a year if you would really care if some one got in and started posing things that you didn't want them to. Changing your password frequently will increase security but also make it harder to remember. Again keeping a theme and/or layout will help you remember them.
Creating multiple memorable and complex passwords: (yes it's finally here)
I'm going to walk though the steps on creating multiple complex passwords that are easy to remember. First I'm going to pick a theme I like Star Wars so lets go with that. I'll create a low medium and high security password using this theme then I'll create a few High security passwords using a layout with this same theme.
Low: "lukeskywalker"
enough characters to meet alot of password requirements but is all lowercase letters.
Medium: "D@rthV@der"
It's easy to remember to capitlaize the first letter of each name and replacing a with @ is also easy to remember while making the password much more complicated.
High: "@n!k!nSkyw@1ker?"
Take Anakin Skywalker and relpace the a with @, i with ! and l 1 also throw a random character at the end and now you have a very complicated password but is still memorable.
Multiple High passwords using a theme and layout: (remember to not include the "quotes")
"N3wH0p319&&"
"#mp!r3Str!k3s19*)"
"R3turnJ3d!19*#"
Can you figure it out? The theme is still Star Wars but here is the layout. I took 2 words out of the title of the 3 original Star Wars movies followed by the year they were released. I capitalize the first letter of each word and replace e with 3, i with !, and o with 0 (zero). Also if you notice that on the second one I used # instead of 3 because going with the theme I always capitalize the first letter but because it wasn't a letter I held shift while pressing 3 to get #. Also on the date I held shift for the last 2 numbers.
If I change the theme from Star Wars to movies I could extend the theme to an endless amount of passwords. Once you can remember your layout you can change your passwords many times while still remembering it and keeping it complex and secure.
Final note:
I just wanted to mention a few other things that can make passwords more or less secure, you might use some of these but probably won't use all of them.
Saving passwords in your browser: You should avoid these for your more secure passwords. If some one got access to your computer they could get the passwords out of the browser.
Biometric Devices: Most commonly this is finger print reader, the ones you can buy from the store or come built into a laptop are for connivance not security unless you spend lots of money on it. The cheep ones are often easy to break into and contain all your passwords. Also those high tech things you see on the spy movies like retina scans, facial recognition, DNA or hair follicle matches and anything along the lines of matching your password with some physical aspect of your self would be considered Biometric.
Random Password Generator: A device or program that will create a password or code that randomly changes on a set timer that will require you to use the device or software to find out what the password is before you can login. This isn't common and can often require a static password that you set.
Again as always feel free to contact me if you have any questions or need help creating a password. Also I am looking for more ideas for the tip of the week so if you have any question or ideas on more things I can cover please send me an email: warclark@msn.com
Very interesting. Keep up the tips!
ReplyDelete