Most computer users do not realize how important their passwords are. Here’s the straight scoop on why you need a good password and how to create super strong passwords that are easy to remember and hard to crack.
Thieves Are Trying to Steal Your Identity.
If criminals can figure out your password, they know that they will have access to your email, your online bank accounts, even your social security number. They can break into your computers, steal your files, steal your identity, reset your bank account information, steal your bank account, buy houses in your name, buy boats and airplanes in your name.
They will sell your information on the internet for $10 USD to other criminals who will use it to buy and sell drugs.
You might think this to be an exaggeration, but each and every example I gave above is true. Once your information is on the internet and can be sold, criminal rings who specialize in identity theft and internet fraud can do just about whatever they want with you.
Your identity will be sold for as little as $10 in an internet chat room, and it will cost you thousands and your good name before you can restore your life.
All because you were too lazy to get a good password.
Thieves have automated the process
Criminals are not going door to door looking for victims. Instead, they have created computer programs that scan the internet to find your computer, your email box, your website, and other pieces of your digital life. Once they find it, they attempt to break in. The process is 100% automated.
Criminals use computer viruses and other automated methods (as well as social engineering, but that’s another topic for another time) to steal your information.
If your password is weak, it can take as little as a few minutes (or even seconds if you’re using a date as your password), and then: boom! You’ve been compromised.
What Makes a Strong Password?
Ideally, a strong password must:
Have uppercase and lowercase letters.
Have some symbols (!@#$%^&*)
Be NO LESS than 11 characters long. (20+ recommended).
Be wholly random or an amalgamation of mnemonics.
How to Create a Strong Password
The easiest way is to use a random password generator. There are many free ones available on the web, such as PC Tools Random Password Generator and Gibson Research Corporation’s Perfect Password Generator.
Of course, if you create such passwords, then you either have to memorize them, or store them in a secure way so you can look them up later.
Everyone should have at least one secure, memorized password. For everything else, I recommend a password manager. Two I recommend are:
KeePass
Plato Password Manager
Both of these programs will generate random passwords for you, and also store them in an encrypted database. The only difference between the two is Plato Password Manager (which appears to be based on KeePass) will have commercial support for license holders.
The encrypted database part is vitally important. This means that if another person was to gain access to the database either by stealing your computer, using it while you are away, or if it were to be stolen by a computer virus, spyware, malware, or other “hack” attack, the bad guys would be unable to read or use it.
Use these password managers to generate random passwords for all your accounts. Every account you have should have its own unique and random password. This way, if one password were to be compromised, all the other accounts would be safe.
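As an added illustration (not code from the article or from any of the tools it names), here is how a random password generator of this kind can work in Python: it draws characters from the operating system's cryptographic random source and checks each result against the checklist above. The function names and the 20-character default are choices made for this example.

```python
import secrets
import string

SYMBOLS = "!@#$%^&*"      # the symbol set listed in the checklist above
ALPHABET = string.ascii_letters + string.digits + SYMBOLS
MIN_LENGTH = 11           # the checklist's minimum; 20+ is recommended


def policy_failures(password):
    """Return the checklist items a password fails (empty list = pass).

    Randomness itself cannot be verified from one sample, so only the
    mechanical items (length and character classes) are checked here.
    """
    failures = []
    if len(password) < MIN_LENGTH:
        failures.append("shorter than %d characters" % MIN_LENGTH)
    if not any(c.isupper() for c in password):
        failures.append("no uppercase letter")
    if not any(c.islower() for c in password):
        failures.append("no lowercase letter")
    if not any(c in string.punctuation for c in password):
        failures.append("no symbol")
    return failures


def generate_password(length=20):
    """Draw characters from the OS CSPRNG until the checklist is met."""
    if length < MIN_LENGTH:
        raise ValueError("length must be at least %d" % MIN_LENGTH)
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not policy_failures(candidate):
            return candidate


def generate_for_accounts(accounts, length=20):
    """One independent password per account, so one leak exposes no other."""
    return {name: generate_password(length) for name in accounts}


if __name__ == "__main__":
    # Constructed account names, for demonstration only.
    for name, pw in generate_for_accounts(["email", "bank", "forum"]).items():
        print(name, pw)
```

The `secrets` module is used rather than `random` because `random` is predictable and not meant for passwords.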
Memorize your ONE strong password
You have to memorize at least one strong password, mostly because you need it to encrypt your KeePass or Plato database.
The preferred method is to use a random password generator to generate a password that appears to be easy for you to remember, and then just memorize it.
A second method is to use a mnemonic or series of mnemonics with l33t (pronounced “leet”). For instance, we could create a unique password by combining several sentences and then use the l33t orthography to substitute numbers and symbols for certain letters.
Our example sentence could be:
“There are nine planets in our solar system. Mary’s violet eyes make john stay nights up pondering.”
(In case you don’t know, “Mary’s Violet Eyes Make John Stay Nights Up Pondering” is a mnemonic for Mercury, Venus, Earth, Mars, Jupiter, Saturn, Uranus, Neptune, Pluto.)
Using the first letters of each word in this mnemonic, our password becomes:
Tanpioss.Mvemjsnup
Using l33t orthography, our password becomes:
T@np10ss.Mv3mjsnup
This password is 18 characters long, but still only registers “99%” at passwordmeter.com.
To increase security, we’ll add 2 more symbols to make the total length of the password 20 characters.
a starting “=”
an ending “%”
So the password is
=T@np10ss.Mv3mjsnup%
Now we have a “100%” rating on passwordmeter.com.
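The steps above, written out as an added Python example (not part of the original article): take the first letter of every word, keep a period between sentences, apply the four l33t substitutions the example uses (a, i, o, e), then add the leading and trailing symbols. The function names are chosen for this illustration.

```python
import re

# The article's example sentence (with its curly apostrophe in "Mary's").
SENTENCE = ("There are nine planets in our solar system. "
            "Mary\u2019s violet eyes make john stay nights up pondering.")

# Only the substitutions visible in the article's result: a, i, o, e.
LEET = str.maketrans({"a": "@", "i": "1", "o": "0", "e": "3"})


def initials(sentence):
    """First letter of each word, keeping the writer's capitalisation.

    Apostrophes (straight or curly) are treated as part of the word so
    that "Mary's" contributes one letter, not two.
    """
    words = re.findall(r"[A-Za-z][A-Za-z'\u2019]*", sentence)
    return "".join(word[0] for word in words)


def mnemonic_steps(text, prefix="", suffix=""):
    """Return each stage: (initials, after l33t, after adding symbols)."""
    sentences = [s for s in re.split(r"[.!?]+\s*", text) if s.strip()]
    base = ".".join(initials(s) for s in sentences)
    leet = base.translate(LEET)
    return base, leet, prefix + leet + suffix


def mnemonic_password(text, prefix="", suffix=""):
    """Final password only."""
    return mnemonic_steps(text, prefix, suffix)[2]


if __name__ == "__main__":
    for stage in mnemonic_steps(SENTENCE, prefix="=", suffix="%"):
        print(len(stage), stage)
```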
Is Your Password Good Enough?
Before deciding on your final password to memorize, you should run it through passwordmeter.com.
It will give you a good indication of how difficult it will be for hackers to break your password. A rating of strong is the minimum recommendation, and a rating of “best” is…well… best.
Conclusion
The inherent dichotomy between the usability of a password and its security is a thorny issue. Many users will constantly complain about the complexity of their password. “It’s too long” they may gripe. “I can’t remember it” they will moan.
The minuscule pain they feel working with a secure password would be a welcomed joy in comparison to a compromised user account, hacked bank account, or destroyed network.
In reality, allowing users to set their own passwords using both the mnemonic technique described above and incorporating l33t is the best way of ensuring user compliance. Of course, just telling them “use mnemonics and l33t” is not going to work. For best results, have a lunch and learn and teach these principles to your users. Allow them to ask questions. Achieve “buy-in” as much as possible.
For the sake of the network, you may have to force their hand and create random passwords for them, but this should be a last resort.
This article is a reprint of What’s the Password? How to Create Easy to Use, Strong Passwords to Protect Your Important Stuff. Used with Permission.
Comments (4)
Commented:
I have seen many people using very weak passwords. I normally prefer and use strong passwords.
Your article is really helpful. Thanks for the information about those tools as well.
Got some new ideas to keep my secrets secure!
Thanks
Raj
Commented:
In both situations (password vault software and browser password handling), you are vulnerable to three problems: