How to Tell the Difference between a Good Password and a Weak One
We all use passwords everyday and are often told that they need to be strong to safeguard against the bad guys getting access to our precious information.
However, passwords are troublesome beasts that get in the way of doing our daily business, they are hard to remember and we are supposed to use a different one for each location......but we are human and so we pick easy to remember ones and re-use them as often as we can.
"One password fits all!", we cry.
This article will try and solve the two problems that we have with passwords:
- How to create a good password.
- How to remember lots of different passwords.
How to Create a Good Password
Firstly, what does a good password look like?
It should be as long as possible with a minimum of 8 characters, but preferably at least 16. The reason for that is the longer the password the harder it is to crack by guessing. Each additional character adds a large number of extra guesses that need to be made to get the correct answer.
It should contain both upper and lower case letters. Upper case and lower case letters are treated as different letters by the computer, so we add even more guesses to be made by mixing them up.
It should contain numbers and special characters. Again this adds to the number of guesses required.
Well that seems simple enough, but won't that mean that the resulting password is hard to remember? Not really, if we start with something easy to remember and then add complexity by following the above rules, then we can create a strong password from a weak one.
Let's look at an example and test the result using an online password checker (http://www.passwordmeter.com/)
A common and really weak password that is used surprisingly often is the word "password" (without the quotation marks).
Let's put that into our password checker. Look at the result, it is rated as "Very Weak" with a score of 8%......who would have thought so?
OK. Let's make it longer to make it harder to crack. We'll use "myveryownpassword" (without the quotation marks).
Now it still shows as "Very Weak", but the score has risen to 18%, so that's a little better.
Next step is to use a mixture of upper and lower case. We'll use "MyVeryOwnPassword" (without the quotation marks).
That's much better already. It is now a "Strong" password with a rating of 66%.
However, we're still not finished. Let's add some numbers and special characters to it.
We'll use two different choices, firstly with numbers added. Let's add the year to the end and use "MyVeryOwnPassword2014" (without the quotation marks).
Hey Presto! We now have a "Very Strong" password with a score of 100%.
OK. Let's try an alternative without numbers, but with a special character. We'll replace the "a" with a "@" character and get "MyVeryOwnP@ssword" (without the quotation marks).
Again we get a "Very Strong" password with a score of 100%.
So by starting with a weak, easy to remember password, we've been able to turn it into a very strong password that is still easy to remember.
Now that wasn't too difficult, was it?
How to Remember Lots of Different Passwords
OK. We now know how to create strong passwords, but we still need to have a different password for everywhere, so how do we remember all our newly created, strong passwords?
The simple answer is we don't!
We make use of some software to store all our passwords in a safely encrypted database. The software is itself password protected and that password is the only one we need remember.
What software? Well there's a lot of choices do a Google search for password managers and you'll see heaps of results. A couple of common ones are Password Safe (http://passwordsafe.sourceforge.net) for Windows users, or KeePass (for Windows) KeePasX (for Mac and Linux) http://keepass.info/ and https://www.keepassx.org/
So follow these simple instructions on using strong passwords and you'll control your passwords, rather than having them control you!