More about passwords

I hadn’t planned to talk about passwords again so soon, but I came across a couple of interesting discussions on this topic recently, and there are so many different opinions on what constitutes a good password that I decided to come back to it here.

I was with a client yesterday who told me her password, gave me a clue to help me remember it, and told me she uses the same one for everything: logging on to her PC, logging in to her accounts and payroll packages, logging in to her electronic banking. This is not a good thing to do.

So for me, a good password is one that: 1) is easily remembered, 2) won’t be guessed easily by someone who knows you, and 3) will be able to resist brute force and dictionary attacks.

Which means I don’t have passwords that are related to my family or Liverpool Football Club, two of my major passions in life. There are a few good tips about creating effective passwords that I came across again in the past week.

1 – Take two words (computer & software), merge them (csoomfptuwareer), and then exchange letters for capitals, numbers & special characters (c5OomFptUw@re3r). This works but is a bit convoluted and hard to remember.

2 – Take a word (computer) and type the letters using different keys (e.g. move your fingers 2 keys to the right – zubiteqw). Then you can intersperse with caps, nums & special chars as required.

3 – Hit the keyboard at random with all your fingers, and take what you’re given (e.g. ;oi.kbpubia;beau).

Any of these will work. I suppose I’m more concerned about what doesn’t work. Examples of what doesn’t work include:

Using the word “Password” or the word “blank”

Using your name, your partner’s name, your kid’s name, your pet dog, cat, hamster or snake’s name, using your favorite team, your favorite singer, your favorite color, your favorite author etc.

Using something so complex that you can’t remember it and end up having to write it down in your diary, or better still, on a little yellow post-it that you stick neatly to the side of the monitor.

Telling everyone your password, “in case I forget it”
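
The first two items on that list can be checked mechanically. The following is an added example, not code from the original post: the swap table, the function names and the sample names are assumptions made for illustration, and it goes slightly beyond the post by undoing simple character swaps before comparing.

```python
import re

# Assumed swap table (constructed for this example): characters people
# commonly exchange for letters, mapped back to the letter.
SWAPS = str.maketrans("013457@$!", "oieastasi")

# The two words the post names outright.
COMMON_WORDS = ("password", "blank")


def normalise(text):
    """Lower-case, undo the swaps, and drop anything that is not a letter."""
    return re.sub(r"[^a-z]", "", text.lower().translate(SWAPS))


def problems(candidate, personal_terms):
    """Return the reasons a candidate is on the post's "doesn't work" list."""
    plain = normalise(candidate)
    reasons = []
    for word in COMMON_WORDS:
        if word in plain:
            reasons.append("common word: " + word)
    for term in personal_terms:
        key = normalise(term)
        # Skip very short terms, which would match by accident.
        if len(key) >= 3 and key in plain:
            reasons.append("personal term: " + key)
    return reasons


if __name__ == "__main__":
    # Constructed sample data: a team and two made-up family/pet names.
    terms = ["Liverpool", "Anna", "Rex"]
    for candidate in ["P@ssw0rd1", "L1v3rp00l!", "c5OomFptUw@re3r", "zubiteqw"]:
        print(candidate, "->", problems(candidate, terms) or "no listed problem")
```

An empty result only means the candidate avoids the listed mistakes; it does not measure resistance to brute force attacks.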

If anyone out there has any other tips or things to avoid, let me know.


One Response to More about passwords

  1. David Haslam says:

    Try Whisper32 from http://www.ivory.org/whisper.html
    It’s a free password manager.
