Tips for creating a secure password

How can I create a secure password?

Update: Read this first: Choosing a Secure Password by Bruce Schneier, Feb. 25, 2014

Your password is your key to access important personal information both on your computer and online. Should criminals or other perpetrators discover your password, a wide variety of consequences ranging from loss of privacy to identity and credit theft can ensue. Fortunately, creating an effective and memorable password is fast and easy, and these tips will help you ensure your information remains protected.

What makes a strong password

Make it lengthy. Your passwords should be 8 or more characters in length; 14 characters or longer is ideal.

Combine letters, numbers, and symbols. The greater variety of characters that you have in your password, the harder it is to guess. Other important specifics include:

  • The fewer types of characters in your password, the longer it must be. A 15-character password composed only of random letters and numbers is about 33,000 times stronger than an 8-character password composed of characters from the entire keyboard.
  • Use the entire keyboard, not just the most common characters. Symbols typed by holding down the “Shift” key and typing a number are very common in passwords.

Use words and phrases that are easy for you to remember, but difficult for others to guess. The easiest way to remember your passwords and pass phrases is to write them down. Contrary to popular belief, there is nothing wrong with writing passwords down, but they need to be adequately protected in order to remain secure and effective.

Use these steps to develop a strong password:

  1. Think of a sentence that you can remember. This will be the basis of your strong password or pass phrase. Use a memorable sentence, such as “My son Aiden is three years old.”
  2. Check if the computer or online system supports the pass phrase directly. If you can use a pass phrase (with spaces between characters) on your computer or online system, do so.
  3. If the computer or online system does not support pass phrases, convert it to a password. Take the first letter of each word of the sentence that you’ve created to create a new, nonsensical word. Using the example above, you’d get: “msaityo”.
  4. Add complexity by mixing uppercase and lowercase letters and numbers. It is valuable to use some letter swapping or misspellings as well. For instance, in the pass phrase above, consider misspelling Aiden’s name, or substituting the number 3 for the word “three”. There are many possible substitutions, and the longer the sentence, the more complex your password can be. Your pass phrase might become “My SoN Ayd3N is 3 yeeRs old.” If the computer or online system will not support a pass phrase, use the same technique on the shorter password. This might yield a password like “MsAy3yo”.
  5. Finally, substitute some special characters. You can use symbols that look like letters, combine words (remove spaces) and other ways to make the password more complex. Using these tricks, we create a pass phrase of “MySoN 8N i$ 3 yeeR$ old” or a password (using the first letter of each word) “M$8ni3y0”.
  6. Test your new password with Password Checker. Password Checker is a non-recording feature on this Web site that helps determine your password’s strength as you type.
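
As an added illustration (not part of the original page and not the Password Checker it mentions), this Python example applies step 3 to the example sentence and computes the character-pool estimate a simple strength meter would give the passwords from steps 3 to 5. The function names and the 95-character ASCII pool are assumptions of this example; the figure is an upper bound that holds only for randomly chosen characters, so a sentence-derived password with predictable substitutions is weaker than the number suggests.

```python
import math
import string

# Character pools a naive strength meter credits once any member appears
# (ASCII only; pool sizes are an assumption of this example).
POOLS = {
    "lower": set(string.ascii_lowercase),        # 26
    "upper": set(string.ascii_uppercase),        # 26
    "digit": set(string.digits),                 # 10
    "symbol": set(string.punctuation) | {" "},   # 32 + space = 33
}


def initials(sentence):
    """Step 3: first letter of each word, lowercased."""
    return "".join(word[0] for word in sentence.split()).lower()


def classes_used(password):
    """Names of the pools that contribute at least one character."""
    return sorted(name for name, pool in POOLS.items() if pool & set(password))


def naive_bits(password):
    """length * log2(pool size): an upper bound that assumes every
    character was picked uniformly at random from the pools in use."""
    pool = sum(len(POOLS[name]) for name in classes_used(password))
    return len(password) * math.log2(pool) if pool else 0.0


def report(passwords):
    """(password, length, classes, bits) rows, weakest first."""
    rows = [(p, len(p), classes_used(p), round(naive_bits(p), 1)) for p in passwords]
    return sorted(rows, key=lambda row: row[3])


if __name__ == "__main__":
    # The page's own examples from steps 3 to 5.
    samples = [initials("My son Aiden is three years old."),
               "MsAy3yo", "M$8ni3y0", "MySoN 8N i$ 3 yeeR$ old"]
    for pw, length, classes, bits in report(samples):
        print(f"{pw!r:28} len={length:2} bits<={bits:6} {'+'.join(classes)}")
```
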

For more information on password security, make sure to check out these sites:


Reference:
http://www.microsoft.com/protect/yourself/password/create.mspx