By Ryan Owens
When many people think of someone “hacking” their passwords, they think of a person sitting in front of a computer randomly attempting passwords that they believe will work. This is not always the case. There are computer programs that are capable of discovering your password by searching through thousands of passwords using words from dictionaries, Encyclopedias, and information from the Internet in a matter of minutes. Many security firms, such as Trustwave will make a list of the “most used passwords,” and the results are often shocking. The most popular passwords are “password,” “iloveyou,” and “12345.” Using your own name is also very common. Anyone trying to hack into your account will check for these right off the bat. Here are five tips to think about when creating your passwords:
1. Change your passwords regularly
Very few people change their passwords regularly (every four to five months). Changing your passwords ensure that you are less likely to be hacked. Try setting an appointment in your calendar to remind you to change your passwords.
2. Use a password manager
A password manager will help you organize your passwords. The manager will hold all of your passwords in one database that will make it easy to remember and manage your passwords. There are plenty of password managers out there. Among them are two favorites: KeePass and 1Password.
3. Do not make your passwords too short
The longer your password is — the more secure it is. Period! There are websites that force a minimum password length and other requirements. However, you should never settle for just the minimum. Every additional letter makes the password harder to crack. It is ideal to have 12-14 characters in your password. Even a simple password such as “AAAAA!!!!!!!!!!” is just as effective due to the length of characters.
4. Do not use the same password everywhere
With so many websites requiring a logon and password, it is often easier to use one password for any website or program you use. Using the same password for multiple websites and applications helps to cut back on remembering several different passwords. However, if someone gets a hold of your password for one site, they will also have a good chance of gaining access to other websites you use. This can be avoided by using multiple passwords, combined with a password manager to remember them all.
5. Do not be obvious
Using obvious choices such as your name, your hometown, your phone number, or you birth date will likely result in your passwords being in jeopardy. Do not use information that can be associated with you and do not use simple terms. Simple terms can easily be hacked by using a computer that will search terms from a dictionary. Also, do not store your passwords in obvious places such as post-it notes under your keyboard or on papers near your computer. It is best to not write them down at all, but instead use a password manager.
Options for creating a strong password:
- Use the first letters in a phrase or song that is familiar to you. For example, you could use Nirvana’s song “Smells Like Teen Spirit.” Your password would then be something like “SLTS.” To remember the password, all you have to do is sing the song to yourself. You can use this with any song or phrase.
- Use a mixture of upper/lower letters, numbers, and punctuation marks. You can even substitute numbers for letters. Examples of this include:
8 = B
3 = E
5 = S
0 = O
This would mean the word “scuba” would become “5cu8a.”
Use a master password and a site rule. This technique is very popular – create one secure password, then use a rule for each different website. For example, your master password could be “55itigt8” and your rule would be to place the first and last letter of the website at the beginning and end of your master password, respectively. In this case, your Facebook password would become “f55itigt8k” and your Yahoo password would become “y55itigt8o.”