Tuesday, January 17, 2012

Repost - Creating the Perfect Password

If it was up to many computer geeks we would all have passwords like:

gaidnjkt734$%8FJb%4jhgsyoduh5bfoFRDTgbfa746729.,lo][danj338u9dbt

If it was up to Grandma, all our passwords (assuming we actually had to have one) would be:

f

Somewhere in the middle there has to be a solution, and guess what? There is. But before I get to password creation, let's review the rules:
  1. All passwords you have, on all sites, must/should be different
  2. None of your passwords should be a real word (in any language) or a simple variation of a word (p455w0rd is out).
  3. You cannot use the names of your spouse, children, grandchildren, dog, cat, hamster, boss, chimpanzee, or their phone number.

Now to pick a password - here is a lesson from the wonderful comic XKCD (entropy is a measure of how complex your password is - more is better).



The essential idea is that you don't need to use an insanely complex password like the computer scientists want you to use - those are too easy to forget. If the attacker can't guess your password through password dictionaries or social engineering techniques (like finding out your dog's name and using that), then they have to fall back on brute force, and the main defence against that kind of attack is length - the more letters and characters the better.

To make it easy to remember all the different passwords, have a system. For example, your email password could be "DearAuntSallyThankYou4theLetter". Your Facebook password could be "2BlueEyesMobyDick". You get the idea. Come up with a creative password that is long, but easy to remember. If you have trouble, try verses from your favorite song or religious text - you'll be surprised at what you can remember. As little as four words can make your account fairly secure - unless your name is Warren Buffett or Bill Gates (then you might want to use the ugly password at the start of this article).
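The three rules and the length argument above can be checked mechanically. The Python below is an added example, not part of the original post: the word list, the personal details and the function names are constructed assumptions, and the bit count is an upper bound that treats every character as randomly chosen.

```python
import math
import string

# Constructed sample data (assumptions, not from the post): a tiny word list
# and personal details that an attacker could look up about the user.
WORDLIST = {"password", "dragon", "monkey", "letmein"}
PERSONAL = {"rex", "5551234"}  # hypothetical dog's name and phone number

# Common character substitutions, undone before the dictionary lookup.
LEET = str.maketrans("0134578@$!", "oleastbasi")
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def normalize(text):
    """Lower-case and undo leet substitutions, so p455w0rd -> password."""
    return text.lower().translate(LEET)


def check(password, used_elsewhere=()):
    """Return the list of the post's rules that the password breaks."""
    problems = []
    lowered = password.lower()
    if password in used_elsewhere:
        problems.append("rule 1: reused on another site")
    # Also test the word with leading/trailing digits and symbols removed.
    stripped = lowered.strip(string.digits + string.punctuation)
    if {normalize(lowered), normalize(stripped)} & WORDLIST:
        problems.append("rule 2: dictionary word or simple variation")
    if any(term in lowered for term in PERSONAL):
        problems.append("rule 3: contains personal information")
    return problems


def brute_force_bits(password):
    """Upper-bound bits of work for a brute-force search of this length."""
    pool = sum(len(c) for c in CLASSES if any(ch in c for ch in password))
    return len(password) * math.log2(pool) if pool else 0.0


if __name__ == "__main__":
    samples = ["f", "p455w0rd", "Dragon1!", "Rex5551234", "ODbtptprc!",
               "2BlueEyesMobyDick", "DearAuntSallyThankYou4theLetter"]
    for pw in samples:
        verdict = "; ".join(check(pw)) or "passes rules 1-3"
        print(f"{pw:33} {brute_force_bits(pw):6.1f} bits  {verdict}")
```

A real check would load a full dictionary and the user's other stored passwords instead of the small constructed sets used here.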

If you happen to have a site that limits the length of your password (which I think is dumb), try using a password like this:

ODbtptprc!

If you can't remember this password, think of the song "Danny Boy" which starts:

Oh Danny Boy, the pipes, the pipes are calling

Now if you'll excuse me, it's Friday, Friday . . .
