HideMyAss VPN

Friday, July 26, 2013

How to create secure passwords

When choosing a password for whatever purpose, you might use something personal like your pets
name or your birthday. But that’s far from being a secure password!
Sure, keeping a strong, complicated and long password in mind is not easy – that’s why many users make the mistake of using a rather weak password. But why not just making a compromise there? This weeks weekly tip will teach you a bit about passwords, their security and good ways to select a password.
First, the longer a password is and the more different and uncommon characters it contains, the more secure it will be. That’s why your first step should be thinking about possible risks you take when using a comparatively weak password; what damage can be done if your password gets stolen, your account used?

For example: If all that can happen is that someone else is able to play a specific flash-game with your account, then there’s not much to lose. Using a strong password here wouldn’t make much sense.
A whole different story is if your online-banking password gets stolen, or someone gets access to your website administration – this could result in real big damage, financial or legal consequences. Using a strong password here is essential!
In addition, using a weak password can be considered negligent. Should someone have used your WLAN for illegal purposes, you might be responsible for his actions simply because you did not secure it properly.

So after you decided if a strong password is needed, you need to choose what type of password you want to use. You can either use a personal password, or a generated password.
 Personal passwords: As mentioned, many people are using personal passwords like their pets name, their partners middle name, something like that. This alone brings 2 possible problems:

1. The password would certainly not be unique. It’s likely that the password is listed in so-called dictionaries. That means a hacker would only need to try often enough, and sooner or later he would have guessed your password and gained access to your account.

2. Anyone who knows you personally would be able to guess your password. Even a stranger could theoretically fetch personal information about you from the web, your friends or your family and then just keep trying different combinations and possibilities till they succeeds.
 Examples for passwords and terms you should not use:
  • your birthdate: No birthdate is unique, and it’s not much effort to find out when you were born
  • your pets name: No name is unique, and finding out your pets name is not that difficult
  • short and common terms: Terms like “master”, “123456”, “qwerty”, “jesus” or even “password” are the worst possible choices for a password
So using a password that is simply a term of your private life is never a good idea – but that does not mean that you can’t use it. Why not just making it stronger?

You could add a number behind, before or in the middle of that term. For example, if you consider to use the password “buddy”, a stronger version would certainly be “buddy9642” or “bud9642dy”.
Remember: the longer a password is, the better. Many online services fortunately don’t accept weak or short passwords and so force you to select a stronger one.

If supported by the service you are registering for, feel free to use special characters like “@%/()$§?!”.
Using upper/lowercase characters in different combinations also makes sense. You should always keep in mind that each password has a certain chance to get guessed, either by a human or by a computer program.

Obviously a password like “buddy(1924)!” is less likely to get guessed than “buddy”.
A far more secure method for selecting a strong password is to generate one. There are countless password generators on the web with different generator settings.

No comments:

Post a Comment