What to Consider When Making a Password

Tips for Creating a Secure Password

With the ubiquity of technology in our society, passwords and logins are becoming omnipresent. In the early days of technology our password knowledge was reserved for our debit card pin number and the combination lock on our household safe. Nowadays, we have passwords for numerous online interactions and transactions, like email accounts, bank accounts, social media accounts, administrative logins for work and personal computers and other accounts. Even your nifty RunKeeper app that tracks your daily fitness activity requires a password login.

The inherent nature of all these passwords begs the question: how secure is my information? Doesn’t the increase in technology use correlate with an increase in hacker prevalence? For more information on this, look at The State of Cyber Security, presented 2011 by Sophos and the National Cyber Security Alliance. You might not be concerned about an intruder learning your personal weight loss over the past two months, but someone cracking into your online banking account or personal email could be a cause for concern. Stress no more with these simple tips for protecting your personal information.

Be Unique

Remembering individual passwords for all of your accounts can be a challenge. For many people, that means upwards of six unique passwords. However, using the same password, no matter how strong it may be, across multiple sites is not a good practice. If you need help remembering your passwords, there are many secure password management systems to help you keep track. Kee-pass is free and the most popular password manager.

The 10 most common passwords NOT to use are:

• password
• 123456
• qwerty
• abc123
• letmein
• monkey
• month followed by year  i.e.  September 2013
• password1
• link182
• your first name

Pick a password that is hard to crack. Never use any of the ones listed above.

Longer is Better

The fewer pieces to the puzzle, the easier it is to solve. As a rule of thumb your passwords should contain a total of 12 characters, eight letters and four unique characters. The use of a 14 character password is the best for encryption. To see how good your password is, you can use sites like Strong Password Generator, or The Password Meter. Yet Another Password Meter and Microsoft Password Checker are good tools to help you create a strong password.

Use a Variety of Characters

Use uppercase letters, lowercase letters, numbers, symbols and spaces. Many experts recommend a minimum of four of these complex characters. For instance, “PasS WorDs!” contains a space, upper and lowercase letters, and a symbol.

You should use at least three of the four character sets (uppercase, lowercase, numbers, and symbols) found on your keyboard. Using characters not found on your standard american keyboard may compromise the security of the password because it may not work correctly. It is best to avoid this practice.

Using, “Phrasing” I.e. the first line in your favorite song, for example: Mary had a little lamb, 1 “Mh@al,lw!fw” also known as “Patterning” is using a letter pattern from your keyboard, such as a square or triangle to develop your password can help you remember it.

For more on phrasing and patterning watch Bryan Shanafelt’s YouTube video on how to create a strong password.

Avoid Personal Information

You might think no one knows that your favorite pet is Fido, your first love was George, or that your grandfather’s middle name was James. However, this information is simply too easy for experienced hackers to crack. Avoid personal information like names in any form, birthdays, anniversaries, simple passwords, words from the dictionary or common misspellings of dictionary words and social security numbers.

Change Your Passwords Frequently

If you frequently alter or update your passwords, it makes them more difficult for someone to figure out. For security, do not use “auto-save” to save your password. Avoid non-secure public Wi-Fi networks like a library, Internet coffee shop, hotel lobby etc. Make sure you change your password each time you use any non-secure network and when you have traveled outside of the country. If you do use public Wi-Fi, remember that the data you enter can be intercepted by other people. Your username, password and private information can be compromised by hackers using remote software to track your keystrokes.

Never show your password. Do not store your password in an e-mail program as your stored password can be retrieved by many of the computers spyware and viruses. Lake Forest MBA’s provides an in-depth discussion on how to create a secure password.

Again, if you are concerned about managing and changing passwords for multiple sites, consider utilizing a management system to keep track for you.

Avoid Easy Security Questions

Many sites have security questions as a form of back-up for when you forget your password and wish to reset it. Do not choose questions or answers that are obvious. The high school you attended, the first car you drove or your favorite food might be public knowledge. Choose your questions wisely, and try to be creative. Cacrsecuritymatter.com offers some great advice in their YouTube videos about choosing good security questions and answers.

By following the above rules of thumb, and the advice of search engines like Google’s good to know online safety, you can keep your password safe. Your personal and business accounts will remain more secure. Where there is secret information, there will always be people trying to unlock it. Protect your passwords by making them challenging for hackers to crack.

In addition, know you can password protect other sensitive information as well. Make sure to use an up to date browser and check by doing an i.e. “Google Search” of other URL’s to protect against phishing scams. Keep your firewalls antivirus software, Ad-Aware, and Spybot software up to date as well. Safety is the best line of defense to secure your passwords.

Additional Links

• Kee-pass, by Password Management System, is an Encrypted Data Base using only one Master Password
• Tips for Creating Strong Passwords, by Windows-Microsoft.
• Blog Tyrant says always use https:// which is secure. (http://) is not secure
• Steps For Selecting Strong Passwords, by WordPress.com.
• Security Tips for Protecting Passwords, by The Department of Homeland Security Website.
• YouTube for Kids, by Securemama.com. This article explains “Safe Search” which is a parental control for kids on YouTube.

Videos

• How to Create and Maintain a Secure Password, by Wartex8, YouTube.
• Protect Your Passport from Key Loggers and Hackers, by Wartex8, YouTube.
• Creating a Secure Password, by C.C.I., Connecticut Consulting & Implementation & C. T. Consult, YouTube.
• Guide to Choosing a Strong Password, by KComITServicedesk, YouTube.
• How You Can Prevent Your Password From Being Hacked, by FastxTrack, YouTube.
• A Guide to Password Security and Why You Should Care, by CBS interactive, howto.cnet.com.
• Secure or Delete Saved Passwords in Firefox, by Nicole Cozma, howto.cnet.com.

Education

• INFRAGARD Free Cyber Security Training Resource, by infragardawareness.com.
• SANS Information-Computer Security, by sans.org.
• Understanding Computers and the Internet, by Harvard-Extension Schools, -iTunes-web site.