
My work email system has been bugging me for a few days that my password is about to expire. I hate changing my password, but do realize in today's world it has become quite critical to come up with secure passwords and change them often. But how do you create a good password?
Without giving anything specific away, do you have a method you recommend? I used to think I was clever. Here's what I DON'T do any more: make passwords from common words or names and simply swap out some letters with characters that look similar, like "sh@nn0n".
So a while ago I did some research on ways to come up with a better password. I'm certainly no expert, and would love you to share any good ways you've heard of creating and remembering a good one. Since I have to change my password today, I thought I'd share my process.
What I do now is come up with a sentence that I can remember, for example: "Three blind mice see how they run." This I turn into "3Bm$#tr." Okay, it's certainly not the best password, but it's much better than most I used in the past. Of course, don't use a common quote.
Make up your own sentence. Something you can remember, e.g. "My baby girl Sally is one year old" becomes "MbgSi1y0". Have a favorite book? Use the third sentence in the third paragraph in the third chapter to create your password. Just be sure you can remember or look it up easily.
Once you've picked it, make one or two letters upper case. Then change one or two letters to be numbers. And insert one or two non-alphabetic characters, e.g. . (period), !, *, %, &, or #. A few sites restrict use of non-alpha characters, but if they allow it, they increase security greatly.
A few other suggestions:
The longer the password the better, with eight characters as a minimum. Do not tell anyone, do not write it down, do not save it in a file, etc. Even if someone can guess the words, it will still be hard to guess your password. Putting it on a sticky note on the front of your computer, though, is a very bad idea.
Clearly, don't construct a password from your name, family names, addresses, phone numbers and such. Also don't use words one would find in the dictionary, as some password cracking software starts there. Oh, and writing words backwards doesn't help. If you can think of it so can they.
And don't use the same password for different sites. If you do and one site is compromised, they all are. I know it's a pain, but they all need to be different. At least if you must use only one, make it a good one, and add a site-specific letter, e.g. insert an extra "f" for Facebook or "y" for Yahoo.
If a website uses password recovery questions, if possible create your own. Don't use things like your mother's maiden name or what city you were born in, etc. Too easy for people to find! And use different questions on different sites, so if one is compromised, they all aren't.
Okay... enough stalling. I need to go create a new password for my email. Do you have any recommendations on a good method?
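As an added example (not part of the original post), here is a small Python check showing why look-alike swaps like "sh@nn0n", reversed words and tacked-on digits add so little: all of them reduce back to a dictionary word with a few mechanical steps. The word list, the substitution table and the function names are made up for illustration.

```python
import string

# Constructed sample list; a real check would use large name and word lists.
WORDLIST = {"shannon", "sally", "password", "mice", "facebook"}

# Look-alike swaps of the kind the post warns about ("sh@nn0n").
LOOKALIKES = str.maketrans({"@": "a", "4": "a", "0": "o", "1": "l",
                            "!": "i", "3": "e", "$": "s", "5": "s", "7": "t"})

MIN_LENGTH = 8  # the minimum length suggested in the post


def candidates(password):
    """Return the plain forms a disguised password reduces to."""
    # Drop digits and symbols tacked onto either end, e.g. "Sally2024!".
    trimmed = password.strip(string.digits + string.punctuation)
    forms = {
        password.lower().translate(LOOKALIKES),
        trimmed.lower().translate(LOOKALIKES),
    }
    # Writing a word backwards is undone just as easily.
    return forms | {form[::-1] for form in forms}


def weak_reasons(password, wordlist=WORDLIST):
    """List the weaknesses found; an empty list means none of these checks hit."""
    reasons = []
    if len(password) < MIN_LENGTH:
        reasons.append("shorter than %d characters" % MIN_LENGTH)
    hits = sorted(candidates(password) & wordlist)
    if hits:
        reasons.append("disguised form of: " + ", ".join(hits))
    return reasons


if __name__ == "__main__":
    # "sh@nn0n" and "MbgSi1y0" come from the post; the others are constructed.
    for pw in ("sh@nn0n", "nonnahs", "Sally2024!", "MbgSi1y0"):
        print(pw, "->", weak_reasons(pw) or "nothing found by these checks")
```

An empty result only means these particular checks found nothing; it does not by itself mean the password is strong.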



You said it. It definitely is a challenge to come up with good, safe, secure & memorable passwords! You could just get a notebook, write down your new password for your various sites, and then lock them in a firesafe safe in your office/house so that when you undoubtedly forget the password that you so masterfully and painfully created, you can go through the motions of going to the safe, unlocking it, pulling out the notebook, walk back to the computer to input the new password (remember you don't want to write it anywhere else), then you need to remember to walk back to the safe and lock the notebook back up!
I usually try to do an association of sorts. Picking something about something that I can associate then recreate the symbols, numbers and letters to that something and then use that. As much flies around in my head, it would be difficult for anyone to pinpoint what I might have associated at the time that I created the beloved password.
Good luck!
So, I created my new password a few days ago. A good solid one... one that would be easy for me to remember, but very hard for anyone else to guess. And it only took me three tries to log into my email the next day before I remembered and keyed it in correctly. ;) We'll see if when returning to work after the three day holiday (Labor Day) weekend, if I can still remember it. LOL.
I didn't know there were actually tricks for picking a good password that can be remembered thanks! I totally have to change all mine- I'm overdue!