Let me start off by wishing everyone a safe and happy 2013, a year that will provide us with great new challenges like keeping our information safe while online. In this post I will cover the importance of passwords and give you some tips on how to make them simple to remember and hard to compromise at the same time.
The Longer, The Better
First of all, a password should always be long and hard to guess. The average person won’t be able to remember a random sequence of letters, but a pass-phrase like “This is my password for getting in to my house”, abbreviated to “Timpfgitmh”, is probably much easier. Of course, you run the risk that a naive user ends up reusing the same pass-phrase everywhere, effectively reducing it to a two-letter password since only the last few letters would ever change. So make sure the pass-phrase is not a commonly used sentence, but one you would uniquely remember.
When you create a password for anything which could be sensitive (including email), it needs to be at least 13 characters; the longer the better. Julian Assange, for example, used a 52-character password for the encrypted distribution of his “insurance plan”.
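The length advice above, as an added example that is not part of the original post: it derives the first-letter mnemonic, checks it against the 13-character minimum, and estimates an upper bound on brute-force strength. The function names and the 18-character default are assumptions made for illustration.

```python
import math
import secrets
import string

MIN_LENGTH = 13  # minimum the post recommends for sensitive accounts

def mnemonic(sentence: str) -> str:
    """First letter of each word, as in the post's pass-phrase trick."""
    return "".join(word[0] for word in sentence.split())

def charset_size(password: str) -> int:
    """Size of the alphabet an attacker must search, from the classes used."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)  # 32 ASCII symbols
    return size

def max_bits(password: str) -> float:
    """Upper bound on brute-force strength: length * log2(alphabet).
    Only reached when every character is chosen at random; a mnemonic
    built from a natural sentence is weaker than this figure suggests."""
    size = charset_size(password)
    return len(password) * math.log2(size) if size else 0.0

def random_password(length: int = 18) -> str:
    """Random password from the OS CSPRNG, to store in a manager or book."""
    alphabet = string.ascii_letters + string.digits + string.punctuation
    return "".join(secrets.choice(alphabet) for _ in range(length))

def report(password: str) -> dict:
    return {
        "length": len(password),
        "meets_minimum": len(password) >= MIN_LENGTH,
        "max_bits": round(max_bits(password), 1),
    }

if __name__ == "__main__":
    short = mnemonic("This is my password for getting in to my house")
    for pw in (short, "23Dhn#$qsxmnmnt953", random_password()):
        print(pw, report(pw))
```

The mnemonic from the post comes out at 10 characters, so it falls short of the 13-character minimum unless the sentence is made longer.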
Back-up, Back-up, Back-up
Every password you use should be written down, preferably all in the same spot (that is NOT under your keyboard). You could write them in, for example, one of those little journals you can get at a bookstore, and you should also keep a backup copy of this somewhere very secure (a lock box, bank secure box, etc.). At most, you should have 2 books: 1 for less secure information like your e-mail, and another for bank account passwords and the like.
The reasons your passwords need to be written down are two-fold.
1- You can have super secure random passwords like “23Dhn#$qsxmnmnt953” and don’t have to bother with memorizing them.
2- If somebody nefarious does take your password book, you know EXACTLY what they have access to, since you have a backup in a secure lock-box. It’s easy to call your banks and tell them you know your password has been stolen and that you need your account information changed or a new password assigned to you until you can change it yourself. This also limits the suspects to people who’ve had access to your password book.
Also, if you are on a Microsoft computer like I am, there is a large chance you already have a key logger on your computer, just pumping away at your personal information. There is no way, I repeat, NO WAY to eliminate the chance of your keys being logged, because there is some pretty advanced keylogging software out there and it only gets more advanced every day.
Use A Password Manager
And for those who, like myself, are less paranoid, I would recommend using a password manager like LastPass or KeePass. LastPass is my favorite since it’s stored encrypted online, so there is no need to keep a physical “password book”.
The benefit of using a password manager is that all the super secure random passwords like “23Dhn#$qsxmnmnt953” do not have to be memorized and are kept encrypted online, so only a master password needs to be memorized to get access to this encrypted password vault.
Keep these tips in mind and you’ll be surfing safer and happier in 2013!