Creating a good password - how to avoid making common mistakes when creating your password and how to protect it

By: Eduardo R. Zayas-Quiñones


What is a password?

Think of a password as the key to your treasure chest. A treasure chest that contains very important information like account numbers, financial information, business records. It's like the key to your home's front door - you know, the one you don't want to leave under the welcome mat. It is your first line of defense in protecting all that important information.

The reader may say "but of course I have a password - I'm safe right?" Well, that depends on the password you have chosen. While making a good password will take a little extra work, this practice will go a long way to help you secure your valuable information and applications.

If you value your computer programs and information stored electronically then you should avoid common mistakes made by people when creating passwords. The importance of this to you is that these common mistakes are well known to hackers and criminals and are some of the first avenues used by them as they attempt to access, alter or destroy your valuable information - perhaps even worse, accessing your personal information to impersonate or defraud you.

These are some common mistakes people make when creating passwords

a. Making a password the same as their account or login name. A hacker or criminal wanting to break into your little electronic treasure chest (your computer or account) may try to gain access using your user name and a blank password. If not successful, this individual may try a password which is the same as your user name. You may be surprised how many little treasure chests someone with bad intentions can get into using this technique!

b. Making a password the same as their first, last or combination of both names. In many cases your name can be easily guessed by examining your account user name or identification. At the office, most of the time there are rules which govern how user names are constructed - user names are in many cases published and easily found out.

c. Making passwords that consist of very common names, words or easy to type character strings. The problem with using common names, words or short character combinations to create passwords is that these are vulnerable to attacks by password cracking programs. The shorter and "weaker" the password, the faster and easier it can be cracked. Character sequences like qwerty or asdf are easy targets. Most password cracking programs will look for use of valid or common words and will test passwords using a dictionary. Avoid these at all times!
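The three mistakes above can be checked automatically when a password is chosen. The following is an added example, not part of the original article; the function names, the tiny word list and the sample accounts are constructed for illustration, and it goes slightly beyond the text by also catching a user name or word with digits tacked on the end.

```python
import re

# Constructed sample word list; a real check would load a full dictionary.
COMMON_WORDS = {"password", "letmein", "welcome", "dragon", "monkey", "michael"}
# Keyboard rows and simple sequences used to spot easy-to-type strings.
KEY_RUNS = ("qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890",
            "abcdefghijklmnopqrstuvwxyz")


def has_key_run(password, min_len=4):
    """True if the password contains min_len consecutive keys of a row,
    forwards or backwards (for example 'qwerty' or 'asdf')."""
    p = password.lower()
    for row in KEY_RUNS:
        for seq in (row, row[::-1]):
            for i in range(len(seq) - min_len + 1):
                if seq[i:i + min_len] in p:
                    return True
    return False


def common_mistakes(password, username, first_name="", last_name=""):
    """Return which of the mistakes a, b and c the password makes."""
    found = []
    p = password.lower()
    u = username.lower()
    # Strip trailing digits/punctuation so 'jsmith1' still matches 'jsmith'.
    core = re.sub(r"[^a-z]+$", "", p)
    if p == "":
        found.append("a: blank password")
    elif u and u in (p, core):
        found.append("a: same as user name")
    first, last = first_name.lower(), last_name.lower()
    # Full names, both orders, and the usual initial-based abbreviations.
    names = {first, last, first + last, last + first,
             first[:1] + last, first + last[:1]} - {""}
    if p and (p in names or core in names):
        found.append("b: built from first/last name")
    if core in COMMON_WORDS or has_key_run(p):
        found.append("c: common word or keyboard sequence")
    return found
```

An empty list means none of the three mistakes was found; it does not by itself mean the password is strong.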

Two important criteria that make for a good password - ways to avoid common mistakes

a. Password length - this is the number of characters the password consists of. How long should your password be? Let me answer this question with another - how important is your information? Based on my experience, I recommend using passwords consisting of from seven to nine characters.

b. Password complexity - this is how difficult it would be to guess each individual character and ultimately the password. If you use only numbers, then each character in your password would be one in the range of zero to nine (0-9) for a total of 10 possible entries. If you are only using lower case letters then each character would be one in the range a-z for a total of 26 possible entries. Now think about how much more complex and harder to guess a password would be if it consisted of numbers, upper and lower letters, and special characters. How many possible combinations of a seven or nine character password would there be? You do the math!
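Doing that math, as an added example that is not part of the original article: the code below works out the number of possible entries per character from the character classes a password uses, then the total number of combinations for its length. The 32 ASCII punctuation marks used for "special characters", the guess rate and the sample passwords are assumptions made for illustration.

```python
import math
import string

# Character classes from the text; the 32 ASCII punctuation marks stand in
# for "special characters" (an assumption, the page gives no exact set).
CLASSES = {
    "digits": string.digits,                # 10 possible entries
    "lowercase": string.ascii_lowercase,    # 26
    "uppercase": string.ascii_uppercase,    # 26
    "special": string.punctuation,          # 32
}


def pool_size(password):
    """Possible entries per character, given the classes the password uses."""
    return sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in password))


def combinations(password):
    """Total passwords of the same length drawn from the same classes."""
    return pool_size(password) ** len(password)


def years_to_exhaust(password, guesses_per_second):
    """Worst-case time to try every combination at an assumed guess rate."""
    return combinations(password) / guesses_per_second / (365 * 24 * 3600)


def report(password, guesses_per_second=1e9):
    # 1e9 guesses/second is an illustrative assumption, not a measured rate.
    n = combinations(password)
    return (f"{len(password)} chars, pool {pool_size(password)}: "
            f"{n:,} combinations (~{math.log2(n):.1f} bits), "
            f"{years_to_exhaust(password, guesses_per_second):.2g} years at "
            f"{guesses_per_second:.0e} guesses/s")


if __name__ == "__main__":
    # Constructed samples: digits only, lowercase only, all four classes.
    for sample in ("4829173", "kqzmwte", "kQ7m#tE", "kQ7m#tE2!"):
        print(report(sample))
```

The totals assume every character is chosen at random from the pool; a password that follows a guessable pattern falls much sooner than these figures suggest.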

Here are some recommendations for creation, use and protection of your passwords:

a. How to create a strong password - A strong password is one that consists of a combination of upper and lower case letters, numbers or special characters, and that is 7 to 9 characters in length. I know it sounds like it would be very difficult to remember these, but if you look closely at the following example you will learn how to construct a password that is strong and yet easy to remember.

Here is an example of a strong password:
dYkTw2Sj?

At first glance, it sounds like a tough one to remember - correct? Now think about this, remember the following song lyrics?

Do you know the way to San Jose ...

Take another look at the password. If you can remember a song, verse, poem or phrase that is unique or that has special meaning to you, then you can surely remember a password, even the rhythmic shift of upper and lower case letters, special characters and numbers. This is not rocket science, and it is a good way to create good passwords that can be easily remembered. Just do yourself a favor, don't use the password I used as an example - you never know who's watching!

b. Never reveal your password - An honest and reputable seller or service provider WILL NEVER send you an email or any other communication asking for your password. Never, ever give away your password information to ANYONE!

c. Safeguard your password - If you access the Internet from the privacy of your own home then you only have to worry about your spouse, children, relatives, friends or visitors seeing your password written on a sticky-pad on your monitor or discovering it written under your keyboard. If you share your computer space with others in an office-like environment (you don't shop on the Internet at work of course) then this may be a bigger concern. Look, if the password is that hard for you to remember then write it on a piece of paper and keep it in a drawer you usually lock - OK?

d. Log in to a Web site using SSL Sign In - Reputable and responsible Internet merchants allow you to log in using SSL. If a choice is available to you then by all means use SSL. SSL stands for "Secure Sockets Layer". This is an industry standard or protocol that gives your Sign In information (your user name and password) a higher level of security, such as encryption, while you are logging in to a system.

 



Copyright © 2002-2006 Ed Zayas