How To Create Good Passwords | Password Management - Page 1 of 2


In this tutorial I give tips on how to construct a strong password for your home or business computer. A well chosen password is one element of what should be a multi layered approach to computer security. A good password should be something you can remember. Don't write your password down on a slip of paper and stuff it in your desk drawer or under your keyboard. If you do this you defeat the purpose of a good password. Have a great day! Tom

A strong password is an essential element to your personal and computer privacy and security. For a password to be strong, it should:
  1. Be at least 10 characters long. Some of the more popular password cracking programs (freely available on the Internet) begin cracking with a default of 8 characters. I suggest you create passwords with 16 or more characters for any online/internet based accounts.
  2. Contain characters from each of the following three groups:

Group Examples
Letters A, B, C... (and a, b, c...) (use upper and lowercase)
Numbers 0, 1, 2, 3, 4, 5, 6, 7, 8, 9
Symbols ` ~ ! @ # $ % ^ & * ( ) _ + - = { } | [ ] \ : " ; ' < > ? , . /

When you create a password for your computer DO NOT use words that can be found in any dictionary, in any language. DO NOT use the same password on both your home and office computer. DO NOT use the same password on your computer that you use on any Internet account. DO NOT use a predictable pattern, example: tommy27, tommy28, for multiple accounts. DO NOT use the same password on more than one computer. DO NOT use the same or similar password within a 12 month period. Never use variations of previous passwords. Never create passwords using personal information of any kind. DO NOT use your name, user name, favorite color or sport, birth date, social security number, pets name or child's name.

When you create your password try to select the characters for the password in a random manner. THE MORE RANDOM the order and variety of the numbers, letters and symbols in your password THE STRONGER THE PASSWORD BECOMES. Use "The Password Meter" as a guide to measure the strength/quality of passwords you create. As I mention in the beginning of this article a good password should be something you can remember. Don't write your password down on a slip of paper and stuff it in your desk drawer or under your keyboard. If you do this you defeat the purpose of a good password. Change the passwords to critical accounts on a scheduled basis. This limits the potential damage that could be done if a password to one of your accounts is stolen/compromised.

keeping track of your passwords

If you use the Internet to do your banking, shopping or pay your bills you probably have at least a few usernames/passwords you need to remember. How do you remember all of these passwords? A "password manager" is a small program you install on your computer that stores all your usernames, passwords in one place. Instead of remembering multiple passwords you only need to remember one password to open the password manager. The password manager you choose should protect your passwords and usernames by encrypting them.

Encryption will help protect your passwords/usernames from unauthorized access in many different scenarios. Encryption will NOT protect the confidentiality of passwords if your computer is infected with malware that utilizes keylogging technology. Keyloggers are capable of recording each key stroke you type. The recorded keystrokes are then transmitted to the malicious individual or organization monitoring the keylogger. Keep your antivirus and antispyware software up to date to help detect keyloggers installed on your computer.

Password Agent Lite and KeePass Password Safe are excellent, FREE password managers. Both programs allow you to set reminders when passwords should be changed. They also provide the functionality to create passwords for you. You can vary the complexity and length of each password the program creates for you to suit your needs. The password generation feature will allow you to use complicated, harder to crack passwords for each account. You can change from using easily cracked or guessed passwords to more secure passwords like H^vZH*`Z0hSjH7CA or /`z8ic"AR$wojb/d,vbI:`NB.

If you are able to choose the username for an account I suggest you create a complex username in addition to a complex, strong password. You can use the password generator included with the password manager to create and store your username. A password generator works well to create strong keys for wireless networks.

Verify Your Passwords

Verify the generated passwords you create with your password manager meet the standards I've outlined in this article. As I mention above, the password manager you use should encrypt any passwords and usernames you store in it. There are different types and strengths of encryption, some better/stronger than others.

NOTE: Some systems and services have specific requirements and limitations placed on the length and complexity of the passwords you can use. For example, some systems or services may not allow you to use certain special characters (,,#.&&/-!,) when you construct your passwords. Review the password creation guidelines required by the company or service.

Page 1 | 2 | Next

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.