Safe and Secure on the Web: Good Passwords

Passwords are your first line of defense, but if those passwords are too weak, they can be the weakest link in your online security. Here are a few tips to keep in mind, to prevent embarrassing and potentially costly security lapses.

How NOT to make a password:

When some jerk (human or robot) tries to hack into your site, one of the most common techniques used is known as a dictionary attack, which is simply an automated way of trying every word in the dictionary, as well as common names and dates, as a password.

That’s why you don’t want a password that’s a single word, name or date. Adding numbers and punctuation makes passwords more secure but harder to remember. Many people try substitutions, for instance “p455w0rd”. But this doesn’t make passwords much more secure, as many password-cracking programs will try common substitutions.
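
To show why substitutions add so little, here is an added example (not part of the original article) of a check a site could run when a user picks a password: it undoes common substitutions and rejects anything that lands on a dictionary word, name or date. The word list and substitution table are small constructed samples, and the function names are hypothetical.

```python
import re

# Constructed sample word list; a real check would load a full dictionary
# plus common names.
WORDLIST = {"password", "sweater", "christmas", "jill", "dragon", "letmein"}

# Common substitutions mapped back to the letters they stand for
# (an assumed, non-exhaustive table).
LEET = str.maketrans({"4": "a", "@": "a", "3": "e", "1": "l", "!": "i",
                      "0": "o", "5": "s", "$": "s", "7": "t"})

# Dates and other short digit strings, with optional / - . separators.
DATE_RE = re.compile(r"^\d{1,4}[-/.]?\d{1,2}[-/.]?\d{2,4}$")


def candidates(password: str) -> set:
    """Return the plain words this password could be a disguise for."""
    lowered = password.lower()
    # Drop a trailing run of digits/punctuation ("dragon1", "jill2012!").
    stripped = re.sub(r"[^a-z]+$", "", lowered)
    # Undo substitutions on both forms ("p455w0rd" -> "password").
    return {lowered.translate(LEET), stripped.translate(LEET)}


def weakness(password: str):
    """Return why the password falls to a dictionary attack, or None."""
    if DATE_RE.match(password):
        return "date or digit string"
    if password.lower() in WORDLIST:
        return "dictionary word"
    if candidates(password) & WORDLIST:
        return "disguised dictionary word"
    return None


if __name__ == "__main__":
    # Constructed sample inputs, including the examples from this article.
    for pw in ["Christmas", "p455w0rd", "dragon1", "12/25/2012", "IbmbfT&Js4C."]:
        print(f"{pw!r:16} -> {weakness(pw) or 'passes this check'}")
```

Passing this check only means the password is not a lightly disguised dictionary entry; it says nothing about length or randomness.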

So what makes a good password?

Combining letters, numbers, symbols and punctuation in a random fashion makes good passwords. Passwords should also not be recycled, meaning that you shouldn’t use the same password for Facebook, your email, and your bank account.

Now we’re faced with a different problem: having a jumble of letters, numbers and symbols makes memorizing passwords really difficult! How does one remember it all?

Keeping track of them all

Method 1 – Keeping them in your head

One way to make a password that’s complex AND easy to remember is to start with a sentence. For instance, “I bought my best friends Tom and Jill sweaters for Christmas.”

Substitute symbols and numbers for appropriate words: “I bought my best friends Tom & Jill sweaters 4 Christmas.” Then break it down to the first letters of each word: “IbmbfT&Js4C.”

Now you’ve got a secure password that you can actually remember, and you can customize it for different sites using a system like this:

  • IbmbfT&Js4C.Fb (for Facebook)
  • IbmbfT&Js4C.Tw (for Twitter)
  • IbmbfT&Js4C.eB (for eBay)

Method 2 – Use a Password Management Service

If you want to get advanced, try a password management service like PassPack or LastPass.

Using these services allows you to:

  • Remember one master password, and use it to access the rest of your passwords.
  • Generate random secure passwords for your other accounts.
  • “One-click log in” to your other accounts.

Get Started

Most likely you’ve got some “so-so” passwords floating around, and it might seem like a pain to change them all. To make it easier, try changing passwords one site at a time. Next time you log in, change your password for that site. After a week or two most of your passwords will be up-to-date, and your online life will be much more secure!

Share your experiences in the comments! If you have a good system for creating or remembering passwords, or if you have horror stories, let us know below!

About Karyl Gilbertson

Karyl is New Harvest Media's Creative Director. He is passionate about design, and pretty stoked about things like web standards, usability, and Wordpress too.