Passwords

Passwords are a necessary evil on the Internet because no better system has been developed to secure information. The major problem is that most people use common passwords and use them in several places. Passwords don’t need to be complicated to make them safe. There are simple strategies that make your passwords secure and easy to remember.

The best way to have a good password is to make it long. It doesn’t need to have numbers or other characters to make it stronger as that makes it harder to remember. I use the silly random word system that makes it easy to remember but long enough to make it safe. If the service you are using requires numbers and other characters you can always throw them in somewhere.

The system involves using 3 or more words in a row that make sense but are not necessarily commonplace. So a phrase like “eatmyshorts” might seem long enough, but it is a well-known phrase to a Simpsons fan, and somebody who knows you might cotton on to that fact. A phrase like “eatmybeetrootatnight” is better because it’s funny, it makes a little sense and it is a long password. If a number is required you could do a phrase like “3catsate4dogsatlunch”. Again, a little funny, sufficiently random and long enough to make a guess near impossible.

Some people get creative and look around them for common objects, which is also a bad idea. Generally, there are things people do to make their passwords that are bad practices: because a lot of people do them, the naughty people will try those first. Here is my list of don’ts.

  • Don’t use the names or birthdays of people you know.
  • Don’t use your address, passions, hobbies or anything that is personal to you.
  • Don’t use passwords you have used elsewhere. It’s a pain, but every password should be different.
  • Passwords, if they are good, don’t need to change to be safe. But if you tell someone, change it.
  • Ideally passwords should be more than 10 characters; banking ones should be 15 plus.
  • Consider what you are protecting: banks need maximum length, and web sites that have your credit card details also need strong passwords.
  • Websites that have no information about you and that you can afford to lose can have simpler passwords and even the same password. So web sites I infrequently use that are just informational, like my “FlipBook” News account, have a trivial password because if I lose the account I don’t care.
  • Have multiple email accounts and use one of them for the trivial accounts so if they get the account you can walk away from that email if it gets spammed or hacked.
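
The checks in the list above can be written down as a small Python function. This is an added example, not part of the original post; the phrase list, the sample personal details and the names `check_password`, `personal_terms` and `used_elsewhere` are made up for illustration.

```python
import re

# Minimum lengths taken from the list above: more than 10 characters
# in general, 15 plus for banking.
MIN_LENGTH = {"general": 11, "banking": 15}

# Constructed sample of well-known phrases; a real check would use a
# much larger list of common passwords and catchphrases.
KNOWN_PHRASES = {"eatmyshorts", "letmein", "iloveyou"}


def normalise(text):
    """Lower-case the text and keep only letters and digits."""
    return re.sub(r"[^a-z0-9]", "", text.lower())


def check_password(candidate, tier="general", personal_terms=(), used_elsewhere=()):
    """Return a list of problems; an empty list means the candidate passes."""
    problems = []
    flat = normalise(candidate)

    if len(candidate) < MIN_LENGTH[tier]:
        problems.append(f"too short for a {tier} account")

    if flat in KNOWN_PHRASES:
        problems.append("well-known phrase")

    # Names, birthdays, addresses and hobbies supplied by the user.
    # Simple substring match: "Rex" is found inside "Rex-loves-fishing".
    for term in personal_terms:
        needle = normalise(term)
        if len(needle) >= 3 and needle in flat:
            problems.append(f"contains personal detail: {term}")

    # Every password should be different, so an exact repeat is flagged.
    if candidate in used_elsewhere:
        problems.append("already used on another account")

    return problems


if __name__ == "__main__":
    for pw in ("eatmyshorts", "eatmybeetrootatnight", "3catsate4dogsatlunch"):
        print(pw, check_password(pw, tier="banking"))
```
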

Some web sites have better security than others. For my really important accounts I have “two-factor authentication”. That means every time I log into that site it also sends me an SMS message which has another code that I need to enter as part of the login process. That makes it near impossible for someone to log in to my account without my knowledge. Some “two-factor authentication” will send you an email with a code that you need to enter as part of the logon process. Oddly, my bank doesn’t have that feature, yet my game account does. The reason is that banks don’t like to support it, as it creates support nightmares for them and they would rather not have the extra work.

The last piece of advice is that you need to store all of those passwords somewhere in a safe place. There are password managers for that job. Ideally the password manager needs to work on your desktop computer and your phone, so you can access the information when you are at home and on the go. I store all my passwords except the banking one in my password manager, as I don’t trust the password managers 100%, which is wise, but some will disagree with me on that point.