I hadn’t planned to talk about passwords again so soon, but I came across a couple of interesting discussions on this topic recently, and there are so many different opinions on what constitutes a good password that I decided to come back to it here.
I was with a client yesterday who told me her password, gave me a clue to help me remember it, and told me she uses the same one for everything: logging on to her PC, logging in to her accounts and payroll packages, and logging in to her electronic banking. This is not a good thing to do.
So for me, a good password is one that: 1) is easily remembered, 2) won’t be guessed easily by someone who knows you, and 3) will be able to resist brute-force and dictionary attacks.
Which means I don’t have passwords that are related to my family or Liverpool Football Club, 2 of my major passions in life. There are a few good tips about creating effective passwords that I came across again in the past week.
1 – Take two words, (computer & software), and merge them, (csoomfptuwareer), and then exchange letters for capitals, numbers & special characters, (c5OomFptUw@re3r). This works but is a bit convoluted, and hard to remember.
2 – Take a word, (computer) and type the letters using different keys, (e.g. move your fingers 2 keys to the right – zubiteqw). Then you can intersperse with caps, nums & special chars as required.
3 – Hit the keyboard at random with all your fingers, and take what you’re given. (e.g. ;oi.kbpubia;beau)
Any of these will work. I suppose I’m more concerned about what doesn’t work. Examples of what doesn’t work include:
Using the word “Password” or the word “blank”
Using your name, your partner’s name, your kids’ names, your pet dog, cat, hamster or snake’s name, using your favorite team, your favorite singer, your favorite color, your favorite author etc.
Using something so complex that you can’t remember it and end up having to write it down in your diary, or better still, on a little yellow post-it that you stick neatly to the side of the monitor.
Telling everyone your password, “in case I forget it”.
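One way to screen a candidate password against the first two items in the list above, even after letters have been swapped for numbers and special characters. This is an added example, not code from the original post; the function names, the look-alike table and the sample personal terms are assumptions made for illustration.

```python
# Added example, not from the original post. Names and sample terms are assumptions.

# Fold common look-alike characters into one letter so that swapping
# letters for digits or symbols does not hide a word. "1", "!" and "l"
# all collapse to "i" because "1" is used for both "i" and "l".
LOOKALIKES = str.maketrans({
    "0": "o", "3": "e", "4": "a", "@": "a", "5": "s", "$": "s",
    "7": "t", "1": "i", "!": "i", "l": "i",
})

# The two words the post names; a real check would load a far longer list.
BANNED_WORDS = ("password", "blank")


def canonical(text):
    """Lower-case, fold look-alikes, and drop everything that is not a letter."""
    folded = text.lower().translate(LOOKALIKES)
    return "".join(ch for ch in folded if ch.isalpha())


def guessable_terms(candidate, personal_terms):
    """Return the banned or personal terms still visible inside `candidate`."""
    plain = canonical(candidate)
    hits = []
    for term in (*BANNED_WORDS, *personal_terms):
        needle = canonical(term)
        # Skip very short terms: they match by accident too often.
        if len(needle) >= 3 and needle in plain:
            hits.append(term)
    return hits


if __name__ == "__main__":
    # Constructed sample: terms someone who knows the user could guess.
    personal = ["Liverpool", "Anfield", "Rex"]
    for pw in ["L1verp00l!2024", "P@ssw0rd1", "c5OomFptUw@re3r", ";oi.kbpubia;beau"]:
        print(f"{pw!r}: {guessable_terms(pw, personal) or 'no known term found'}")
```

An empty result only means none of the listed terms was found; it says nothing about how the password holds up against a larger dictionary.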
If anyone out there has any other tips or things to avoid, let me know.