In today’s digital age, your password is the key to your digital door.  Why, then, do so many of us use a cheap, plastic padlock?  Today I’m going to discuss some ways we can upgrade our padlock to a 5-lever mortice lock!

It sometimes feels like nowhere is safe.  Just within the last 6 months, Evernote, Living Social and Twitter have all been hacked.  Admittedly, these were all professional hacking attempts.  One of the most common methods of hacking accounts is to use a brute force method.  Essentially, this uses a computer to try one password after another from a pre-defined list until it effectively breaks down the door.  Top of that list are usually passwords along the lines of “123456” and even “password” itself.  So, my first tip is to check if your password is on that list and if it is, change it immediately!

The other way hackers glean your password is through something called Social Engineering.  This can take many forms, but essentially involves getting information about you.  For instance, how many of you use your partner’s or your pet’s name for a password?  And how many people know what those names are?  You might even have let it slip to somebody you barely know!  Again, not a good choice of password.

So, what does make a good password?

Pick a Base Password

So, the first step is to start with something you will remember.  Don’t go for something obvious though.  Look around you now, what do you see?  I’m currently looking at a gorilla.  No, really, I have a stuffed gorilla on my desk.  So, there is my base password.

gorilla

Modify your Password

Anybody trying to brute force an account would likely use a text file with a long list of words – often based on a dictionary.  Obviously, eventually, they would reach my current base password.  This is the clever part.  Many people suggest swapping out letters for numbers, as some sites’ password rules dictate that our password must contain letters as well as numbers.  It doesn’t take a clever soul to work out what these substitutions could be, so although we are making it more difficult for our password to be broken, it’s far from impossible.

Another option is to swap letters around.  Maybe write our password backwards, or swap every other letter, or even put the last half before the first half.

It’s also worth using a combination of capital letters.

Of course, to be ultra secure, you could use a combination of the above:

1LlAg0r

Passwords for Many Sites

Now you have one password, I wouldn’t recommend using it for all your sites.  According to statistics, 55% of web users use the same password for all of their sites.  That is quite scary, because an attacker may be able to break your password on a relatively insecure site, and then all your accounts are compromised.  So ideally, you want a different password for each site.  If you’ve got hundreds of accounts, which most of us do, that could make it difficult to remember them all.

However, we have our secure base password.  The simplest option is to put an easy-to-remember acronym for the site in front of the password.  For instance, for Engineering Tips, you might use ENG, or ET.  You might want to use a separator, or you might not.  For instance, – or _ are popular (which is a good reason not to use them), or & or (.  Be wary though, some sites are particular about what symbols you use.

So now we have:

ET1LlAg0r

Changing Passwords

As an Engineer, I tend to work on a lot of secure systems.  These often have a policy that you must change your password after a set period of time – every month, 3 months, 6 months etc.  For this, you can append an item onto the end.  The obvious addition to your password is a numerical digit, e.g. 01, 02 etc.  However, for increased security, you could use a letter; a, b, c and so on.  Or you could start at the back and work forwards; z, y, x… or even use your computer keyboard; q, w, e.

So now we have our final password:

ET1LlAg0rq

And all you have to remember is gorilla.
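
The whole recipe above, written out as an added example (not code from the original article), together with the kind of list check recommended in the first tip.  The function names, the digit-for-letter map, the keyboard-row order and the three-word sample list are assumptions made for illustration, and the order of the modification steps is inferred from the worked value 1LlAg0r.

```python
# Added example: the article's password recipe plus a simple dictionary-variant check.
KEYBOARD_ROW = "qwertyuiop"          # assumed order for the article's "q, w, e" suffix
LEET = {"i": "1", "o": "0"}          # substitutions inferred from "1LlAg0r"
UNLEET = str.maketrans("013457", "oieast")  # assumed common digit-for-letter swaps

# Constructed sample wordlist; a real check would load a full common-password list.
SAMPLE_WORDLIST = {"123456", "password", "gorilla"}


def modify(base: str) -> str:
    """Last half first, swap letters for digits, capitalise every other character."""
    half = len(base) // 2
    swapped = base[half:] + base[:half]                  # gorilla -> illagor
    leet = "".join(LEET.get(c, c) for c in swapped)      # illagor -> 1llag0r
    return "".join(c.upper() if i % 2 else c for i, c in enumerate(leet))


def site_password(base: str, site: str, changes: int = 0) -> str:
    """Site acronym + modified base + one keyboard-row letter per forced change."""
    return site + modify(base) + KEYBOARD_ROW[changes % len(KEYBOARD_ROW)]


def is_dictionary_variant(password: str, wordlist=SAMPLE_WORDLIST) -> bool:
    """True if undoing case, digit swaps or reversal lands on a listed word."""
    folded = password.lower()
    candidates = {folded, folded.translate(UNLEET)}
    candidates |= {c[::-1] for c in candidates}
    return not candidates.isdisjoint(wordlist)


if __name__ == "__main__":
    print(modify("gorilla"))
    print(site_password("gorilla", "ET"))
    # Substitution, case or reversal alone leads straight back to the listed word.
    for pw in ("password", "G0r1lla", "allirog", "1LlAg0r"):
        print(pw, is_dictionary_variant(pw))
```

The check only undoes case changes, digit swaps and reversal, so a False result means the password is not one of those simple variants of a listed word, nothing more.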

This isn’t going to make your account completely hack-proof, but it is at least making your passwords much more secure.  And if one account does get compromised, at least you can be sure that the rest will remain secure.

Image credits
Featured image – Anonymous Account 
Lock: Jarek Kisieliński