Build a Better Password

Date June 4, 2008

As a webmaster I often get access to customer accounts and I’m often surprised at the poor quality of passwords and logins that people use on their accounts. Very often the clients simply are not aware of the ease with which a hacker can break into an account using brute force attacks. The other mistake is that they believe this particular account is not important (”it’s not a bank account or something”). But the reality is that access to even an “unimportant” account can easily lead to all the information necessary to access much more important accounts so ALL accounts need to be protected by High Quality Passwords.

Basic Password Rules:
Make it lengthy. Each character that you add to your password increases the protection that it provides many times over. Your passwords should be 8 or more characters in length; 14 characters or longer is ideal.

Combine letters, numbers, and symbols. The greater variety of characters that you have in your password, the harder it is to guess. All passwords should contain letters (upper AND lower case), numbers and at least one punctuation symbol.

Never use words or names which can be found in a dictionary (IN ANY LANGUAGE). f you must use words to remember your password then use the words spelled backward such that the word is now not a real word . The easiest way to remember your passwords is to create “rules” by which you create a password. In this way you are not remembering 40 passwords, but instead you are remembering a single rule which produces a different password for every account. An example of a rule could be (a name spelled backward + a date written backward + the last 4 characters in the login page url ). In this way you have no “actual” words or dates in the password and the use of the last 4 characters in the login page makes each password unique for each account.

Use the entire keyboard, not just the most common characters. Symbols typed by holding down the “Shift” key and typing a number are very common in passwords. Your password will be much stronger if you choose from all the symbols on the keyboard, including punctuation marks not on the upper row of the keyboard, and any symbols unique to your language.

Category Posted in Security

Leave a Reply

You must be logged in to post a comment.