In light of the recent password shenanigans with Apple, Twitter, and Amazon, I’ve decided to share a few simple “best practices” for choosing and maintaining your passwords. We’ve all got a ton of passwords, and if you’re anything like me, the list grows with each passing day.
All of these suggestions are simple, most of them are common sense, and I take no credit for any of them. I’ve read about them over the years and adopted them for my own use, and I encourage you to do the same. Doing so may help you avoid a catastrophic loss of data, private emails, and anything else worth protecting with a password… such as nude photos of your girlfriend. Priorities, right?
Choosing a Password and Keeping It Secure
- You know how many sites suggest using a combination of letters and numbers for your password? Yeah, well… do it. The number of people using passwords like “angel” or “jesus” is staggering, and these people aren’t doing themselves any favors. Avoid any word found in the dictionary, as such passwords are incredibly easy to break using dictionary files and brute force attacks.
- Pick a password that’s easy for you to remember. That may sound counterintuitive, but people often create lengthy passwords they can’t remember. What happens then is that they write them down in a notebook or on a slip of paper, and leave them sitting around. See the problem here?
- In order to make your password memorable while still making it difficult to crack, decide on a “system” for creating passwords. As an example, you could decide on a core password that never changes, such as “a2b793”, and then make changes based on the place you’re using your password, e.g. the core plus “b@nk” for your online banking. Notice the “b@nk” in there? It’s a simple way to remember the password using a variant of a real word. Bank is a dictionary word, but “b@nk” won’t be found in the dictionary.
- If you have a lot of passwords that you rarely use, and don’t feel they’re worth remembering, use a program called KeePass to store them. It’s essentially an encrypted digital notebook that stores as many passwords as you like. When you need to access them, you open the program, type in a master password, and then have full access to all your other passwords. It’s an extremely handy piece of software, and you can even store it on a thumb drive.
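As an added example (not code from the original post), here is a small Python checker that applies the rules above, plus the caveat a practitioner would add: cracking tools apply substitution rules when they run a dictionary file, so a wordlist entry is still matched when “@” stands in for “a”. The wordlist and the candidate passwords are constructed; the ordering of core plus site variant is assumed.

```python
import re

# Constructed mini wordlist standing in for the dictionary files the post
# mentions; a real cracking wordlist has millions of entries.
WORDLIST = {"angel", "jesus", "bank", "password", "letmein", "monkey"}

# Common character substitutions that cracking tools apply as "mangling
# rules", so a candidate like "b@nk" is checked as "bank".
LEET = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "i", "!": "i",
                      "0": "o", "$": "s", "5": "s", "7": "t"})


def normalize(pw: str) -> str:
    """Undo leet substitutions and lowercase, mirroring a cracker's rules."""
    return pw.translate(LEET).lower()


def dictionary_hits(pw: str) -> list:
    """Return wordlist entries (4+ chars) embedded in pw after normalization."""
    norm = normalize(pw)
    return sorted(w for w in WORDLIST if len(w) >= 4 and w in norm)


def check_password(pw: str) -> dict:
    """Apply the post's rules: length, letters plus digits, no dictionary word."""
    problems = []
    if len(pw) < 10:
        problems.append("shorter than 10 characters")
    if not (re.search(r"[A-Za-z]", pw) and re.search(r"\d", pw)):
        problems.append("needs both letters and digits")
    hits = dictionary_hits(pw)
    if hits:
        problems.append("contains dictionary word(s) even after undoing "
                        "substitutions: " + ", ".join(hits))
    return {"password": pw, "ok": not problems, "problems": problems}


if __name__ == "__main__":
    # Constructed candidates: the post's bad examples, the core alone,
    # core + "b@nk" (ordering assumed), and a core + random-tag variant.
    for candidate in ["angel", "a2b793", "a2b793b@nk", "a2b793xq7w"]:
        print(check_password(candidate))
```

The core-plus-“b@nk” candidate fails only the dictionary test, which is the point: the site tag should be something a wordlist cannot recover by undoing a single character swap.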
Choosing a decent password doesn’t need to be complicated, but it does take a bit of thinking, and I know that many people really hate doing that. Don’t be one of those people… they’re stupid, and being stupid has some major drawbacks. There’s nothing fun about losing your email or even *gasp* access to your Twitter account. These problems often come down to laziness, and both of these (and just about anything related to account hacking) can be avoided if you just follow my suggestions. Yes, I know I’m awesome, and you’re welcome.
I realize these are just a small collection of password tips and suggestions, but they’re the ones I use most frequently. If you’ve got something to add, please leave a comment below, as I’m fascinated by security and will gush endlessly with you on the topic.