5 Steps to Better Passwords
In our recent article about “The Cloud,” we mentioned that the weakest link in the security of your information lay in your passwords. What happens to people with weak passwords? How about fraudulent access to your e-mail, computer and bank information, maybe even identity theft? Bad at the best of times, these are especially difficult issues for a traveler.
Now, how do you make passwords worthy of the data they are there to protect, and then how do you keep track of them all?
Here are 5 easy steps to get you on your way to complete password peace of mind.
The Longer the Better
Most sites won’t even let you create a password with fewer than 8 characters, so make this the absolute minimum. Keep in mind that with every additional character you use, your password gets harder and harder to crack, so pile them on.
Choose a Phrase
Do you have a favourite line from a song or a film? If you’re a literary nut, maybe it is a line from a book or poem instead. Now, take the first letter of each word, and mash them together. I’m going to use the classic line from “Dirty Harry” starring Clint Eastwood.
“Do I feel lucky? Well, do ya, punk?” becomes
“DIfl?W,dy,p?”
(Note the capitalization, and the punctuation)
Mix It Up
Make it a rule that all of your passwords include a lowercase letter, uppercase letter, number & punctuation. Substitute numbers and punctuation for letters or words (gr8, p1@yin9, h00p5), or add a number somewhere.
Adding the year of Dirty Harry’s release (1971) to our above example gives us
“DIfl?71W,dy,p?”
Different Sites, Different Passwords
One way to make your passwords a little easier to remember while still keeping your security is to customize your main (or root) password made above with the site or service you’re using. Let’s use Amazon as an example and shorten it to AMZ. Next, I’m going to take the punctuation above the “A” in Amazon on my keyboard. Now I have “!AMZ”.
Let’s add that to our password above (beginning, middle or end, your choice) and we get
“!AMZDIfl?71W,dy,p?”
Use the same method for other services like #Dr0pB0x, or %GDocs, or add your own punctuation somewhere in there for good measure.
Test It Out
Now that you have your fancy new password, test it out with Microsoft’s Password Checker to see if it’s strong enough. Don’t worry: the password is checked and validated on your computer only; it doesn’t get sent over the internet to Microsoft.
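The five steps above carried through in Python, as an added example that is not from the original article. It rebuilds the article's example passwords and computes a ceiling on brute-force effort at each stage, entirely offline; the function names and the US QWERTY column mapping are assumptions of this example.

```python
import math
import string

# Assumption: US QWERTY layout. A letter maps to the shifted symbol on the
# number key at the top of its keyboard column (A -> Q -> 1 -> "!").
_COLUMNS = {"!": "qaz", "@": "wsx", "#": "edc", "$": "rfv", "%": "tgb",
            "^": "yhn", "&": "ujm", "*": "ik", "(": "ol", ")": "p"}
KEY_SYMBOL = {ch: sym for sym, col in _COLUMNS.items() for ch in col}


def phrase_to_root(phrase):
    """Keep each word's first character plus its punctuation, case intact."""
    out = []
    for word in phrase.split():
        out.append(word[0])
        out.extend(c for c in word[1:] if c in string.punctuation)
    return "".join(out)


def insert_number(root, number, position):
    """Splice a number (here a two-digit year) into the root at position."""
    return root[:position] + str(number) + root[position:]


def site_password(root, site_name, tag):
    """Prefix the root with the site's keyboard symbol and a short site tag."""
    return KEY_SYMBOL[site_name[0].lower()] + tag + root


def brute_force_bits(password):
    """Ceiling on brute-force work in bits: length * log2(character pool)."""
    # Assumes random characters; a phrase-derived password falls below this.
    pool = 0
    for alphabet in (string.ascii_lowercase, string.ascii_uppercase,
                     string.digits, string.punctuation):
        if any(c in alphabet for c in password):
            pool += len(alphabet)
    return len(password) * math.log2(pool) if pool else 0.0


def demo():
    root = phrase_to_root("Do I feel lucky? Well, do ya, punk?")
    dated = insert_number(root, 71, 5)
    amazon = site_password(dated, "Amazon", "AMZ")
    return [(p, len(p), round(brute_force_bits(p), 1)) for p in (root, dated, amazon)]


if __name__ == "__main__":
    for row in demo():
        print(row)
```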
How Do You Store These Passwords?
Now that you’re all set with how to make good passwords, how do you keep track of them? A piece of paper in your laptop bag you say? Wrong answer.
There are a few programs that can help you manage your passwords. They work by securing a database of your passwords with one master password.
KeePass is an open source option, available for Windows, with ports to OSX, and mobile with Android and iOS. If you would like something a little slicker, SplashID for Windows, OSX, iOS & Android makes syncing a little easier, but you’ll have to dish out a few bucks for the software. You can even keep a copy on a USB stick and bring it along with you.
We have also had RoboForm and LastPass recommended by TMA readers.
How do you make and keep track of your passwords?
Image via reidrac




Great tips, Dustin. I generally follow all of them already.
For me, the worst part is the restrictions some sites include that don’t allow me to follow my standard format.
“Can’t end with a number” or “can’t be longer than 10 characters” or “can only use letters and numbers.”
It makes it far more difficult to remember passwords whereas my normal scheme is a standardized format, known only to me but easy to remember without relying on storing them somewhere.
Thanks Joel!
I also hate that there are still a few sites that limit you in some way or another, often with the punctuation, while others make it necessary. No one-size-fits-all. Seems like it’s heading in the right direction at least.
This is perfect timing for me. I already use LastPass to manage my passwords although I’ve been a bit guilty of re-using my passwords on multiple sites. After my Gmail account was recently hacked from China, I had to go and change them all. I’ve been trying to figure out some system to make each one different but still be able to remember them if necessary. You’ve given me some good ideas to progress with.
Check out this post by Dropbox, which goes into some detail about why using “magazine zombie frag muppet” might be one of the most secure passwords out there (not to mention hugely memorable).
Admittedly, I only skimmed the article (some detail?? hah!) It’s a complicated subject, and the trick has always been how to keep it simple but secure. It’ll probably take another 5 or 10 years before the skill of good passwords is ingrained in people. By then, maybe we won’t even need them anymore!
The trick these days seems to be the added requirement to add numbers and punctuation to your passwords, regardless of what makes sense.
I would add ‘1Password’ to the list of password managers. I have been using it for the past few years, excellent app. As for hacking and ‘C’… Perhaps an article on how to deal with such things?