How to generate a strong and secure password?
You may have come across this article for a few reasons:
- You are wondering how to make a strong password.
- You have recently had your gmail, hotmail, facebook, etc. hacked.
- You may be trying to help someone else generate a strong/secure password.
- Or many other reasons!
The scary reality…
Let me start off by asking you a few questions and answer them truthfully.
- Are all of your passwords 100% unique? i.e. you never use the same password twice.
- Do all of your passwords contain at least 8 characters in total (containing UPPERCASE, lowercase, numbers 0,1,2,3,9, and special characters – !@~$#&^ etc.)?
If the answer to both of these questions is not “yes”, you have some potentially serious security risks you need to fix, asap. Thankfully, you have stumbled across this blog!
I want you to do a quick tally on the number of different accounts you have on the internet, this varies from your online banking with ANZ for example, your eBay account, paypal account, hosting account, facebook, twitter, discussion forums… the list goes on! Now think about how many of those websites share the exact same password?
A wake up call!
Now imagine one of those websites were to get hacked and just one of the passwords were found, you may have potentially given unrestricted access to your most personal information! The results will be detrimental and sometimes irreversible! You may or may not have heard that a company over in the USA called “Target” was hacked and had 40,000,000 (yes, forty million) credit cards stolen along with personal information linking those cards to individuals.
“So, tell me how do I generate a secure password?”
The answer is simple. You must have strong, unique, impossible to guess passwords. Yes, you heard correctly, each login account you have must have its own UNIQUE password. You may be thinking:
“It is going to be impossible to keep up unique passwords for every single account I have!”
This is where it gets interesting, as it is not as difficult as you think! In fact, I personally stumbled across a video which explains it quite well. The video lasts less than 5 minutes and will help you to understand a very simple logic behind creating secure passwords.
Logic behind creating secure unique passwords
So I hope you enjoyed the above video. If for any reason you could not see the video, the URL is: http://youtu.be/hYyWgPXfx9U We will now discuss some different methods you should consider when generating a strong password.
Option #1 – Using a whole sentence
When changing or setting up a password, why not use a sentence? Note: Of course you should use UPPERCASE, lowercase, numbers and special characters. For example:
“Terry Smith is my name, I love Australia!”
You now have a 47 character password, using lowercase, UPPERCASE, and two special characters! Note: If you are not “allowed” to use “spaces” in a password, you can simply remove them to make a 40 character long password, so the password will look like:
“TerrySmithismyname,IloveAustralia!”
Or another example could be:
“My wifes DOB is 05-03-1987!”
or remove the spaces to look like this:
“MywifesDOBis05-03-1987!”
Option #2 – Breaking down a pass phrase
Using the logic mentioned above to create a secure passphrase, let’s now try to break it down to make the password shorter, yet still secure. Let’s take the FIRST letter of each of the words/special characters and make them one word. For example:
TerrySmithismyname,IloveAustralia!
Will become:
TSimn,IlA!
and
MywifesDOBis05-03-1987!
Will become:
MwDi0-0-1!
Option #3 – Random generated password
Now, some of you reading this blog may be thinking, “Well, I would much rather a randomly generated password and I will keep up with it myself”.
Prompt Web Hosting has a very good random password generator tool: Free random password generator tool
Now don’t get me wrong, random generated passwords are fantastic, but if you are anything like me, you will eventually get frustrated with typing the same password, over and over again. Furthermore, it brings up the next topic, Where are you going to store these passwords? Especially if potentially you will have 20+ different passwords.
Option #4 – One password for all accounts – but still random?
Well, we already know how unsafe it is to use the same password for every account, but why not simply mix it up a little bit so you can still ‘sort of’ use the same password for all of your accounts.
For example, if your password is jE48@!S# and you want to create a secure password for facebook, why not simply add an acronym at the end of the password, i.e. jE48@!S# becomes jE48@!S#FB or add the acronym at the start, i.e. FBjE48@!S#
What about eBay? Why not do jE48@!S#eB or eBjE48@!S# — Paypal becomes PajE48@!S# or jE48@!S#Pa
By doing that, it becomes very easy to remember your passwords, and yet they are still complex and secure and will hopefully not need you to record them anywhere for safe keeping.
How to safely keep passwords
So hopefully now you have a good, strong password generated for each of your online accounts.
But this begs the next question, how and where will you store these passwords?
If you had a credit card or bank debit card, you would not (well, hopefully not) write down your pin code on the back of the card, that just does not make any sense. So why would you store all of your important passwords on your computer where hackers can steal them?
I will go ahead and make some recommendations of what, in my opinion, is not safe to do:
- Do not store your passwords in a notepad or word document (or any document for that matter).
- Do not carry passwords on a USB thumbdrive. What happens if the USB thumbdrive gets lost/stolen?
Try and avoid saving your passwords when prompted inside your browser, especially if your passwords will be “synced”.
If you desire to store your passwords on your computer, please do it in a safe manner!
There is a number of both free and paid solutions. I will go ahead and list some of the more popular ones.
- KeePass.info – KeePass is a FREE and open-source application which runs on windows! There is a number of “ports” which allows you to run this same application on Mac, Linux, iOS, Android, etc. There is even an official release which allows you to install the application on a USB thumbdrive. Don’t worry, if you lose your USB, they won’t be able to access your passwords!
- Roboform.com – Roboform offers both free and paid solutions, pricing is also quite good! The good thing about Roboform is they natively operate on Mac, Android, iOS and of coarse windows. It is all securely synced to the cloud, so all passwords will automatically sync across all of your devices. Another great thing about Roboform is they have inbuilt browser plugins which enable you to automatically login to certain websites without needing to copy and paste passwords. Very handy, indeed!
Conclusion
In conclusion, I have given you several reasons why you need to ensure you need a unique password for every service you use and to never use the same password, anywhere.
I have also outlined the importance of storing your password correctly and even provided you with some links to software which will assist you in your endeavours!
Don’t become a statistic — keep your passwords complex and secure!
What are your thoughts? Maybe you would like to add something to what was already said? Have you made a decision to start using the above method to ensure your accounts are protected?