13 February 2013

The Complete Guide to Writing Passwords

Writing a good password is a skill that a surprisingly large number of people lack. Many password tips will tell you not to use the same password for everything. I agree. But it's becoming impossible to remember a password for each and every account you have, which is why several different passwords are enough. However, having one password that unlocks many accounts makes it easier for someone to get into all of them once he knows that password. That means you have to decide which accounts are really important and which don't matter as much. So how can you write a hard-to-guess password?

There are plenty of password testers out there, such as howsecureismypassword.net, which is what I used to determine my password strength (results above). But don't be fooled: these password testers can only do so much. What they recognize is the variety of characters you use: symbols, numbers, capital letters and lowercase letters. Keep in mind who you are trying to protect your account from more: computers or actual people? For instance, if you want a good password for a home computer account, you'll want to choose something hard for the people around you to guess. If you're trying to create a passcode that is hard for a computer to guess, these password testers aren't always accurate. Sometimes a password like "!A56h$32" is a lot easier to guess, with the help of a computer, than a password like "dontgiveuphope". You'll also notice that the latter is much easier to remember. So how can you make that password harder to crack? Try these steps:
  1. Find a phrase or title of a song you like: "dontforgettolive"
  2. Capitalize where appropriate: "DontForgetToLive"
  3. Add punctuation: "Don'tForgetToLive"
  4. Add punctuation in the form of emoticons: "Don'tForgetToLive(:"
  5. This one's for those with a really good memory; substitute numbers for letters: "D0n'tForg3tT0L1vE(:"
Notice that I didn't substitute ALL the o's with 0's, and so on. Password hacking programs are equipped to substitute numbers for letters! So it is at your own risk that you substitute these letters with numbers. 
The password we finally came up with, when plugged into the password tester I mentioned, got this estimated computer cracking time:

That is a lot of years. Remember, however, that testers calculate all the possible combinations for your password and multiply that by the time it would take to try each one. Of course, the result is not perfectly accurate.

So those were tips on how to write a good password. But what about the don'ts? What do you absolutely not want to do?
  • Don't use numbers in patterns. A passcode that contains "123", "111", or "246" and the like is very, very easy for a person to guess, and even more so for a computer.
  • Don't put your username or other identifying information (e.g., your name, birthday, country, pet name, teacher name, etc.) in your password.
  • Don't use only one type of character. Use a variety, to make it more difficult for hackers.
  • Don't use letters in patterns, either. "asdfghjkl" and "qwerty" are the easiest passwords to guess, ever.
  • These should be obvious: don't write down your password. Don't tell people your password; if you must, do it in person, not over a connection. Over a connection, everything is recorded.
  • If required to change your password, don't make it similar to the previous one. It should be completely different.
  • Don't use extremely common phrases, like "LiveLaughLove<3" or "SharingIsCaring". Plus, those passwords are stupid.
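
The list above can be turned into checks and set beside the kind of estimate a tester makes from character variety alone. This is an added example, not code from the original post; the function names, rule labels and the three keyboard rows are assumptions, and the phrase list is built from the post's own examples.

```python
import math
import string

# Constructed sample data taken from the post's own "don't" examples.
COMMON_PHRASES = ("livelaughlove", "sharingiscaring")
KEYBOARD_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm")
UNLEET = str.maketrans("013", "oie")  # undo the digit-for-letter swaps of step 5
CLASSES = ((string.ascii_lowercase, 26), (string.ascii_uppercase, 26),
           (string.digits, 10), (string.punctuation, 32))


def classes_used(password):
    """Sizes of the character classes that appear in the password."""
    return [size for chars, size in CLASSES if any(c in chars for c in password)]


def naive_bits(password):
    """Tester-style estimate: log2(pool ** length), from character variety alone."""
    pool = sum(classes_used(password))
    return len(password) * math.log2(pool) if pool else 0.0


def audit(password, username=""):
    """Return labels (hypothetical names) for each "don't" the password breaks."""
    low = password.lower()
    findings = []
    # Three digits in a row with a constant step: "123", "111", "246".
    for a, b, c in zip(password, password[1:], password[2:]):
        if (a + b + c).isdecimal() and int(b) - int(a) == int(c) - int(b):
            findings.append("digit-pattern")
            break
    # Any four adjacent keys from one keyboard row: "qwerty", "asdfghjkl".
    if any(row[i:i + 4] in low for row in KEYBOARD_ROWS for i in range(len(row) - 3)):
        findings.append("keyboard-pattern")
    if username and username.lower() in low:
        findings.append("contains-username")
    if len(classes_used(password)) == 1:
        findings.append("single-character-type")
    # Undo digit swaps and drop symbols before matching known phrases.
    letters = "".join(c for c in low.translate(UNLEET) if c.isalpha())
    if any(phrase in letters for phrase in COMMON_PHRASES):
        findings.append("common-phrase")
    return findings
```

A password such as "L1veLaughL0ve<3" scores high on `naive_bits` because it mixes all four character types, yet `audit` still flags it as a common phrase once the digit swaps are undone.
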
So now you have it: how to write your next password. Keep in mind that this is not your final guide--there are a number of choices that you have to make yourself, depending on the situation. See you soon, or as they say en français: à bientôt!

