PC Hell: How to Create A Good Password

In today's electronic and Internet connected world, passwords are an everyday part of life. However, how many of you are using a password that is simple and easy to guess? Unfortunately the majority of people still use a simple password using either numbers or letters that can be cracked using most of the common password cracking utilities on the net. However, what's the alternative? I would guess between email accounts, credit cards, banking info, online sites, and other accounts that most people have between 10 - 30 accounts or more that require passwords to access. If you use a separate password for each account, how are you going to be able to remember all of them?

What Makes a Good Password

First let's discuss what makes a good password.

Length, the longer the password the better. Generally, at least 8 characters or more.
A mix of uppercase and lowercase letters
A mix of numbers and special characters
Something that cannot be easily guessed if I know you. Dont use birthdates, zip codes, phone numbers, first names of children, pets, etc.
Something that is not found in a dictionary

Creating a Good Base Password

First create a base word to work from.

Take a random bunch of characters, letters, numbers, special characters and create a base word.
Replace letters in a word with numbers or special characters. For instance, the word "password", becomes P@s$w0rd
Take a sentence or easily remembered phrase and use the first letters of each word to form a base word. Example:. "Now is the Time for All Good Men to Come to the Aid of Their Country" becomes Nittfagmtcttaotc
Take a dictionary word and spell it in reverse. Example: House becomes Esuoh

Now take your base word and make sure it follows the rules above for a good password. For example, House can become E$u0h with some substitution but its not long enough. So we add characters to the front and back of it to make it longer. In this case, you could add the month and year to it and be able to change the password each month so its more easily remembered. For January 2012, the password becomes:

12E$u0hJan - A ten letter password with a mix of numbers, letters (both uppercase and lowercase) and special characters. This fits all the requirements of a good password. On February 1st, change the password to 12E$u0hFeb and so on. Every so often you can start with another base word and start the whole process again.

The key is making the password random enough that no one could guess it or use a dictionary attack to crack it.

How to Make the Password Even Harder to Crack

Here are a few more ideas for making your password even tougher to crack.

Don't leave two of the same letter together in the sequence, For instance, the word password has to s's in sequence, Substitution something for at least one of the letters.
Don't use common substitutions, always using ! for l, or @ for A
Shift your fingers on the keyboard one space over or back and type your baseword, password becomes ]sddeptf with my fingers shifted to the right one spot on the keyboard.

Although, there are many more options to create a secure, remembered password, I hope these ideas give you the ability to become creative when choosing a password, instead of using a simple one in the future.

Using Your Base Password for Multiple Accounts

I don't pretend to think that people are going to use 30 completely different password for 30 accounts, but you could use your base password and add a few characters to it for the particular account. For example, my base word above 12E$u0hJan could be Ya12E$u0hJan for a Yahoo account, or CB12E$u0hJan for a Citibank credit card, etc. There are numerous possibilities.

Testing Your Password Strength

Some passwords are stronger than others, if you would like to test the strength of your password, visit Password Meter, an online password tester.

Where to Save Passwords if You Can't Remember Them

One of the first things people will tell you is not to write your password down and keep it near the computer. I have seen way too many customers that keep their passwords on a note card underneath the keyboard or on a post-it note on their monitor. Although this is convenient, its not the safest place for a password list. If you have to keep a list of passwords close, why not keep it in your wallet or purse. Although these could be stolen, along with your bank cards, credit cards and such its still a safer place than underneath the keyboard. Storing a password list in a safety deposit box is also a good idea. You may even want to store your password list on your phone or PDA - as long as the list is secured and cannot be read by just anyone.

A better alternative though is to use a Password Manager program to keep a secured, encrypted copy of your password on your computer so they are ready to access when you need them. These password managers generally have a Master password to secure them, so you really only need to remember one password to have all your passwords accessible. Here are a list of my favorite password manager programs.

Roboform - one of the originals and a very good one. Now with Roboform Everywhere, you can access your passwords on any computer you need to. Roboform also has a password generator to create a random password for you.
Passter - web app - A great online application that secures your passwords and makes them available to you. Works with Google Chrome as well.
KeePass - an open source app that runs on almost any platform. Can also be used with online storage providers like Dropbox to allow your passwords to be access anywhere.

There are many other password managers, but the ones above are my favorites.

I hope this article gave you a better understanding of passwords and the need for a strong password for your online accounts.

Search PCHell.com
site search by freefind	advanced