October 25, 2017
How to create a strong password (and remember it) – by Dan Drees
Keeping your sensitive information away from cyber criminals involves more than just avoiding suspicious emails. Many people forget that creating a strong password is the foundation of keeping unwanted people away from their data. People also forget that they have a lot of sensitive materials stored on their personal devices. Some sensitive information includes old tax returns, W-2s, medical records and insurance information. Having weak (easy to guess) passwords, or a weak set of policies around storing your passwords, contributes to a large portion of data theft annually. Such theft can result in identity theft and other malicious crimes.
While it may seem like a daunting task, creating a strong password for every account can be made easy by following self-created patterns. I developed an application to encrypt and decrypt messages when I was just fourteen years old. Ever since, I have taken cybersecurity seriously. My current profession involves consulting with organizations on their security postures. After sharing information on this topic, I hope to inspire everyone reading this to create a strong password.
Creating a strong password can be easily done by following these steps:
- Create complex passwords
- Avoid common passwords
- Make passwords memorable
- Store passwords wisely
The complexity of your password is the backbone of your password, but how do you know if your password is complex? One good place to start is keeping passwords to twelve or more characters. With longer passwords, you are increasing the number of possible combinations your password can be.
In addition to the length, you should use:
- Upper and lowercase lettering
- Special characters (e.g. $, *, #, @)
Using common passwords is bad practice. Most hackers use automated tools which go through more dictionary words than most people know exist. Not only do hackers use dictionary attacks, they also use all sorts of combinations. Multiple words are put together, and common character substitutions are tried as well. Every time a new password is discovered, it gets added to their dictionary for next time.
Some of the most common passwords include:
Just because a password should be long and complex, doesn’t mean it should be difficult to remember. It can be three random words connected in a way which makes no sense. For example, let’s assume you are creating a password for your Bank of America website. Look around the room and pick random items. The items I just saw are a picture of my grandma, Congo drums and knives. Mix it up a little more and I now have “sharp noisy grams.” Now replace the letter s with a dollar sign and o with a zero. “$harp n0isy gram$” should be the current password. To correlate this with Bank of America, I will use “BoA” in my password. Since I have three words it is easy to just drop the letters in evenly to create “B$harp on0isy Agram$.”
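The checks described above (twelve or more characters, upper and lowercase letters, a special character, and not a common password once the usual character substitutions are undone) can be tested in a few lines. This is an added example, not code from the author; the word list is a constructed sample, and the substitution table beyond `$` and `0` is an assumption.

```python
import re

# Constructed sample list; a real check would load a large list of known passwords.
SAMPLE_COMMON = {"password", "letmein", "sunshine", "dragon", "welcome"}

# Common character substitutions to undo before the lookup.
# "$" and "0" are the two the article names; the rest are assumed here.
UNDO_SUBS = str.maketrans({"$": "s", "0": "o", "@": "a", "1": "l", "3": "e", "!": "i"})

MIN_LENGTH = 12  # the article's suggested minimum


def variants(candidate):
    """Forms a dictionary tool would match: substitutions undone,
    with and without trailing digits/symbols."""
    lowered = candidate.lower()
    stripped = re.sub(r"[^a-z]+$", "", lowered)
    return {lowered.translate(UNDO_SUBS), stripped.translate(UNDO_SUBS)}


def check_password(candidate, common=SAMPLE_COMMON):
    """Return a list of problems; an empty list means every check passed."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("shorter than 12 characters")
    if not (re.search(r"[a-z]", candidate) and re.search(r"[A-Z]", candidate)):
        problems.append("needs both upper and lowercase letters")
    if not re.search(r"[^A-Za-z0-9\s]", candidate):
        problems.append("needs a special character")
    if variants(candidate) & common:
        problems.append("common password with substitutions")
    return problems


if __name__ == "__main__":
    for pw in ("B$harp on0isy Agram$", "P@ssw0rd!", "sunshine2017"):
        print(repr(pw), check_password(pw) or "passes")
```

Substituting characters in a single dictionary word does not get past the last check, which is why the article builds on several unrelated words instead.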
Of course, the more complex we keep the password, the harder it will be for a computer to crack it. Furthermore, four random words can be easy to remember if we only had to do it once. We should have different passwords for every website and application. Therefore, I suggest figuring out a way to incorporate the website in a cryptic manner.
Since the average user has many more than ten passwords, I don’t pretend that it will be easy to remember every combination (if done properly). Personally, I have over forty passwords. That is why many people recommend a password locker. The problem with relying on a password locker is that all someone needs to do is gain access to one of your devices and they can access everything. Therefore, I suggest writing an encrypted version of your password down.
Take my previous example, “B$harp on0isy Agram$.” If I wanted to write this down, I would ensure no one could understand it. One way to accomplish this is by going back to the original items you used to create the password. From there you can write them down as “Boa – knife, Congo, G.ma $0.” At that point, anyone who finds your little password book will never be wiser.
By following my advice, anyone can create a strong password and store it securely. The stronger the security on your devices, the lower the likelihood of someone stealing your sensitive information. After all, a strong password is like a strong lock on your front door (while you are living in a bad neighborhood). I highly doubt you want a door which unlocks by simply jiggling the handle.