Because passwords are almost always the weakest link in any security system where they are used, the first step to better security is better password practice.
Things to avoid:
- Don’t pick a dictionary word or a proper noun! Passwords are often easy to crack because most people pick a password that is a variation on a word in the dictionary. There are simply not that many words in human languages: it is trivial for a computer to try them all! This includes words where you have replaced some letters with numbers. For example, “L0V3” is just as easy to crack as “LOVE”.
- Don’t use the same password for all your accounts. Also, it can be better to write down your passwords in a secure place rather than use the same one everywhere.
- Don’t forget to change your password. You should change your password at least once a year.
- Never tell anyone your password, especially if they ask for it.
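The first point in the list above, shown as an added example that is not part of the original page: a small Python check, of the kind a signup form could run, that undoes common character swaps and trailing digits before looking the password up in a wordlist. The wordlist, the substitution table and the function names are assumptions made for illustration.

```python
import string

# Constructed sample wordlist. A real check would load a full dictionary,
# a list of names and a list of known-breached passwords.
WORDLIST = {"love", "password", "dragon", "monkey", "revolution", "london"}

# Assumed table of common swaps. "1", "!", "l" and "i" all collapse to "i"
# so that ambiguous characters need no guessing: the dictionary words are
# folded the same way before comparison.
CANON = str.maketrans({"0": "o", "3": "e", "4": "a", "@": "a", "5": "s",
                       "$": "s", "7": "t", "1": "i", "!": "i", "l": "i"})


def canonical(text):
    """Lower-case the text and fold look-alike characters together."""
    return text.lower().translate(CANON)


def dictionary_match(password, wordlist=WORDLIST):
    """Return the listed word this password is a variation of, or None.

    None only means "not a simple variation of a listed word"; it does not
    mean the password is strong.
    """
    index = {canonical(word): word for word in wordlist}
    # Length of the trailing run of digits and symbols ("Love123!" -> 4).
    core = password.rstrip(string.digits + string.punctuation)
    tail = len(password) - len(core)
    # Try the whole password first, then drop trailing characters one at a
    # time, so "L0V3" (where the final 3 is a letter swap) and "Love123"
    # (where the digits are padding) are both caught.
    for cut in range(tail + 1):
        word = index.get(canonical(password[:len(password) - cut]))
        if word:
            return word
    return None


if __name__ == "__main__":
    for sample in ["LOVE", "L0V3", "P@ssw0rd!2024", "L0nd0n", "trwNbt!42"]:
        print(f"{sample!r:18} -> {dictionary_match(sample)}")
```

Every sample except “trwNbt!42” reduces to a word in the list, so a site using this check would reject them all for the same reason.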
How do you create a password that is strong and yet easy to remember? This can be really tough. There are three generally approved methods:
1. Use a password storage locker
Don’t try to remember passwords. Instead, generate random passwords for all the different services and websites you use, and store them in a secure password locker. The one we use is LastPass.
- Start with multiple words you can easily remember.
- Convert these words to non-words (for example, by taking the first letter of each word).
- Add a few random uppercase letters, numbers, or symbols, and you are done.
You could turn “The Revolution Will Not Be Televised” into “trwNbt” and then add a few random characters for “trwNbt!42”.
- Pick a few random words you can easily remember. Mixing in words from different languages and non-dictionary words is a good idea.
- String these together into a long passphrase. This will be longer, but easier to type.