As a former IT Support Technician at a major metropolitan newspaper, I know how lax some employees can be when it comes to creating passwords. Reporters are the worst, and ad sales reps come in a close second. I made a point to preach password security to most co-workers I supported – especially those who dealt with personnel records, credit card info, and other potentially sensitive documents. Below are some tips that’ll make your passwords a hundred times harder to hack whether you’re protecting your email, your work computer, your World of Warcraft account, or just your online banking access.
1 – Length Matters. Every character you add to your password increases its security by probably 1,000-fold. So your password is only four characters, huh? Now you’re just being lazy. Hope you don’t mind if a complete stranger reads your e-mail. Though eight-character passwords are very popular, if you want to make a hacker’s life hellacious, create a 12 or 14-character password.
2 – Don’t Use Names. If I were trying to guess your password, my first guesses would be your name, your wife’s, your kid’s, and your pet’s if I knew you well enough or had access to your completely public Facebook account. Admiral Barky is a great pet name, but as far as passwords go, it’s kind of weak, especially since Admiral Barky’s very own Facebook page is open to the public as well.
3 – Use Uppercase Characters. By using at least one uppercase character, you are ensuring the security of your password. If you capitalize a letter other than the first, which is the most popular of course, you increase your password’s security even more.
4 – Use Special Characters. You’d be surprised how much more difficult an asterisk, exclamation mark, or plus sign will make your password to crack. Let your inner geek muse go wild with choices like “linux+Penguin,” “BigB@ngTheory” or my probable future DC Online password “greenLan+ern.”
5 – Keep It Complicated. Essentially every word allowed in Scrabble, even if it contains the letters Q, K, P, or Z, is unusable by itself as a secure password. Ever thought about using “12345678” or “qwerty”? Well don’t. The same goes for “password,” “internet,” “security,” and “letmein.” Even though I am a fan of the popular alternative “p@ssword,” add some numbers or an uppercase character to secure it further. If you have used common passwords, it’s okay, most of your peers have done the same in the past. Just make sure it stays in the past because those weak passwords won’t last long against a determined hacker.
6 – You Can Never Use Popular Place Names Again. You were born in Richmond, and it’s a fine city, but it makes for a bad password. I hear that Florence, Italy, and Florence, SC are both great places to live, but steer clear of place names when it comes to password creation. Eight-letter words are very tempting, aren’t they Portland? But they are just too dangerous to use. I bet plenty of Atlanta residents use “atl30322,” the popular nickname for Atlanta plus the zip code. You can be more original than that. Show some creativity.
7 – Keep It Creative. Speaking of creativity, Green Bay and the Steelers had awesome seasons, but don’t do it. I’m a longtime Duke Basketball fan, but they’ve never made an appearance in my password tourney. I like the Black Eyed Peas as well as any music act these days, though they’re better in concert than the studio, but that’s no reason to base my password security on them. But I have to confess that “Ferg@!icious” just might work.
8 – Numbers Aren’t As Secure As They Used To Be. There was a time when your birthdate would have probably made a fairly secure password. But not anymore. Same goes for your anniversary, the year you were born, your full Social Security number or the last four digits, a telephone number, and the aforementioned zip code. Adding at least one letter to your numerical password is a good habit, just like one number or an uppercase character helps secure a password of mostly letters.
9 – Make It Memorable. When I used to be tasked with resetting passwords, I found that the users who forgot their passwords most often were the ones who were most likely to “dumb-down” their passwords. They gave up security for convenience despite having a readily available department on duty to reset passwords in an instant. A secure password that is memorable is not hard to achieve with some effort. There has to be something with some associated numbers that has some meaning to you every time you stare at that empty password field on your computer screen even after a week’s vacation. Just don’t be tempted to ever write it down.
10 – Acronyms Can Help. How secure do you think “Idw2mmpw2l” would be? It’s simply the sentence – “I don’t want to make my password too long.” Memorable acronyms like “The quick brown fox jumps over the lazy dog,” resulting in “tqbfjotld,” would prove to be less secure than something random unless you throw in an uppercase letter, a number, or special character or two. Actually, I came up with this method when a co-worker I supported “cns2rh@#$%pw”, or, in other words, “could never seem to remember his darn password.” Only slightly paraphrased of course.