Perfect passwords in 3 easy steps

We don’t have to tell you that choosing a strong password is important for your online security. We will show you how easy it is to pick a strong password and explain some of the magic behind them too.

Choosing a password

  1. Pick a random set of pronounceable characters and mix upper and lower case letters, for example: osHiToki. (Note: Some people advise using sentences or other tricks, but we personally find it easier to just make something up and remember it.)
  2. Put some numbers in it. You can replace characters with similar-looking numbers, such as 1 instead of i, 4 instead of e, or 6 instead of b (be creative), or you can insert or append numbers randomly. In our example we replace the i with 1: osH1Tok1
  3. Don’t use the same password for every site. Either use different passwords for different levels of security (i.e. use different passwords for online banking than for a software trial) and/or attach initials for the site to the password. For Facebook we would use: FBosH1Tok1 or osH1Tok1Fac

DONE!

What makes this password strong?

  • It is random. Attackers use password dictionaries to try common passwords and existing words.
  • It is long enough: 10 characters in this case, after the FB insert. Think of it this way: each character increases the number of password options exponentially. If you used only lower case characters, each password position would have 26 options. A 2 character password would have 26 x 26 = 676 options, and a 3 character password would have 26 x 26 x 26 = 17,576 options. Quite a difference, but don’t stop there! Computers can do millions of password guesses in a second, so you need a MUCH stronger password.
  • It is mixed case. Introducing upper case letters increases the entropy of the password dramatically: for each position of the password there are now 52 instead of 26 options. As a result we now have 52^10 options instead of 26^10. For the 2 character password we now have 2,704 options (52^2) and for the 3 character password 140,608 options (52^3)!
  • It contains numbers. The same principle applies here: by introducing numbers we increase the number of options per position from 52 to 62, so the number of password options becomes 62^10.
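
The counting in the list above, carried through for the article's example passwords, as an added example that is not part of the original article. The guess rate is an assumed figure, the special-character set is Python's string.punctuation (32 symbols), and the count is the exhaustive-search figure, which assumes each character is picked at random.

```python
import math
import string

# Character classes the article counts: 26 lowercase, 26 uppercase, 10 digits.
# "special" covers the special characters from the "Supercharge" section;
# using string.punctuation (32 symbols) for it is an assumption of this example.
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "special": string.punctuation,
}

def alphabet_size(password):
    """Options per position: sum of the sizes of every class that appears."""
    return sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in password))

def search_space(password):
    """Number of passwords of this length over the classes in use."""
    return alphabet_size(password) ** len(password)

def bits(password):
    """The same count expressed as bits (log2 of the search space)."""
    return math.log2(search_space(password))

def years_to_exhaust(password, guesses_per_second):
    """Time to try every candidate at a fixed guess rate, in years."""
    seconds = search_space(password) / guesses_per_second
    return seconds / (365 * 24 * 3600)

if __name__ == "__main__":
    rate = 1_000_000  # assumed rate: "millions of guesses in a second"
    # Passwords built up step by step as in the article, plus one with "!"
    for pw in ["ab", "abc", "oshitoki", "osHiToki", "osH1Tok1",
               "FBosH1Tok1", "FBosH1Tok1!"]:
        print(f"{pw:12} {alphabet_size(pw):3} options/position  "
              f"{search_space(pw):.3e} passwords  {bits(pw):5.1f} bits  "
              f"{years_to_exhaust(pw, rate):.3e} years")
```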

Supercharge your password

You can supercharge your password by including special characters as well, such as !#%& etc. The only drawback is that a small minority of sites and applications don’t support special characters.

An easy tool to manage passwords

Do you have too many passwords and access codes? Then a tool like Password Safe might be the answer for you. It stores all of your passwords safely in an encrypted database in a structured way. Access to the database file is protected with a password, so make sure it’s a strong one (one password to rule them all – sounds familiar?).

Single Sign-On

Luckily there are some initiatives to ease the password pain. More and more applications are able to use your existing online ID without the need for you to create a new one for each application. Also, when you need to change your details or password, you only have to do that once. A good example is OpenID, supported by many applications (such as Facebook and WordPress), and IDs which are provided by the likes of Microsoft, Yahoo and Google.

 

About Ben Stege

Ben has nearly 15 years’ experience in web technology, system engineering and IT security. He is passionate about the value of web IT and the way it shifts the focus from technology to functionality. When not on-line, anything outdoors suits him just fine.
