Yesterday I highlighted 10 passwords and said anybody who uses any of those must be an idiot.
So here today are some tips for avoiding any more bad password choices:
PASSWORDS SHOULD NEVER BE RECYCLED
Personally I would say that you should never, ever use the same password twice.
If, however, you find it difficult to come up with new choices on a regular basis then you may have to.
If you find yourself in this position then try not to reuse an old password for as long as possible, i.e. a year or more.
Additionally, you should have used many other passwords in the meantime before returning to an old one.
PASSWORDS SHOULD NOT INCLUDE ANY PERSONALLY IDENTIFIABLE INFORMATION
If someone has specifically targeted you then they will already know a great deal of your personal information.
If not, and they are determined enough, then they could probably find out a lot more about you than you realise by searching on the internet.
Therefore, any words, numbers or phrases that can be connected to you are bad choices.
For example, your name, date of birth, mother’s maiden name, etc. are all bad password choices.
NEVER CREATE PASSWORDS WITH REAL WORDS
The length of a password doesn’t usually have much bearing on how long it would take a hacker to break it.
If you are using proper words, of any language, then a dictionary attack will always succeed sooner or later.
Password crackers are, generally speaking, looking to get results in the shortest possible timeframe.
If your password is easily guessed with a dictionary attack then you will be a quick victim.
To avoid such password guessing tools you want to avoid words, especially the most commonly used ones, such as sex, dragon, love, god, pass and password.
PASSWORDS SHOULD NOT BE SIMPLE ALTERATIONS TO COMMON WORDS
OK, so you think you are cool because you can type in the latest fashion.
Don’t think for a minute that that will allow you to create safe passwords though.
Just because you can swap the letter ‘a’ with an ‘@’ symbol, don’t be thinking that a password cracker won’t think of doing the exact same thing.
Words such as ‘s3x’ and ‘dr@gon’ are only very slightly more secure than the properly spelled versions of the same.
DO NOT THINK YOUR PASSWORD IS SECURE SIMPLY BECAUSE YOU HAVE USED TWO OR MORE WORDS
Words are very easy for a password cracker to guess.
Making a password out of more than one word doesn’t add very much at all to the difficulty of cracking it.
Passwords such as ‘letmein’ are remarkably easy to guess.
You need to be much cleverer than that!
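
The rules above, written as a check that a sign-up form or password-change routine could run on a candidate password. This is an added example, not code from the original post; the wordlist, the substitution table and the function names are assumptions made for the illustration.

```python
# Constructed sample wordlist: the common words the article names, plus the
# parts of 'letmein'. A real deployment would load a much larger list.
COMMON_WORDS = {"sex", "dragon", "love", "god", "pass", "password",
                "let", "me", "in"}

# Character swaps of the kind the article describes ('a' -> '@', 'e' -> '3').
# The exact table is an assumption made for this example.
LEET = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "l", "!": "i",
                      "0": "o", "$": "s", "5": "s", "7": "t"})

def normalise(password):
    """Lower-case the candidate and undo simple character swaps."""
    return password.lower().translate(LEET)

def splits_into_words(text, words=COMMON_WORDS):
    """True if text is one or more wordlist entries joined together."""
    reachable = [True] + [False] * len(text)  # reachable[i]: text[:i] is all words
    for end in range(1, len(text) + 1):
        reachable[end] = any(reachable[start] and text[start:end] in words
                             for start in range(end))
    return bool(text) and reachable[len(text)]

def weaknesses(password, personal=(), previous=()):
    """Return the article's rules that a candidate password breaks."""
    found = []
    plain = normalise(password)
    if password in previous:
        found.append("recycled")
    # Personal items are normalised the same way, so 'Sm1th' still matches 'Smith'.
    if any(normalise(item) in plain for item in personal if item):
        found.append("personal information")
    if password.lower() in COMMON_WORDS:
        found.append("real word")
    elif plain in COMMON_WORDS:
        found.append("simple alteration of a common word")
    elif splits_into_words(plain):
        found.append("two or more words")
    return found
```

An empty result means only that none of these rules matched, not that the password is strong.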