For years we were taught to create passwords with a mix of numbers, lowercase and capital letters, and special characters. But such passwords are hard to remember, and we don’t change them often either. There is evidence that the password “Tr0ub4dor&3” can be cracked in less than 3 days because it contains predictable capitalization, special character placement and numerical substitutions for letters.
Once we create a password using a mix of all 3 types (numbers, letters and special characters), we tend to repeat the same format for all our other accounts. Here are 7 easy tips to create a strong password, in a different pattern, for each of your accounts.
Don’t Make It Complex, Make It Easy To Remember
Creating a password with a mix of upper and lower case letters, numbers and special characters (such as &, %, $ and *) might be easy, but it is very difficult to memorize and recall. Some people add 123, their school or college numbers, or their date of birth at the end of the password. These additions are predictable and can lead to data theft.
The National Institute of Science and Technology (NIST) has removed the advice about having a complex mix of characters from its safety guidelines. Its latest recommendation: “Think of a password more as a passphrase.” For example, a password made of 4-5 disassociated words, like “Lord Professor Kalam Stamp”, is easy to remember but hard to crack.
If memorizing a list of random words is difficult for you, use the first letter of each word from your favorite song. For example, if your favorite song is “They Don’t Care About Us” by Michael Jackson, your password can be “shdhegbsa” (Song lyrics: Skin head, dead head, Everybody gone bad, Situation, aggravation, Everybody allegation). It might look tough to remember, but once you sing the song in your mind it is easy to recall. You can select any part of the song, not just the beginning.
Don’t Include Personal Details
Never include anything related to you in your password. Don’t include your nicknames, birthdays, friends’ or relatives’ names, or anything else related to your personal or professional life.
The Bigger, The Better
Most websites suggest a password of length 8 or more. NIST recommends a password of length 12 or more. The reason is simple: longer passwords are much harder to crack. A 7-character password can take hacking software 0.29 milliseconds to crack, but a 12-character password takes nearly two centuries, according to the BetterBuys password estimation tool.
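To put numbers on the passphrase advice and the length advice above, here is an added example (not part of the original article) that generates a passphrase of randomly chosen words and compares the search space of a few password shapes. The word list is a constructed sample, and the 7776-word list size and the rate of 10 billion guesses per second are assumptions chosen for illustration, so the times will not match the BetterBuys figures.

```python
import math
import secrets

# Constructed sample list for demonstration only. A real generator needs a
# list of thousands of words so that every word adds enough entropy.
SAMPLE_WORDS = ["lord", "professor", "stamp", "river", "candle", "orbit",
                "maple", "violin", "harbor", "pepper", "tunnel", "glacier",
                "saddle", "mirror", "falcon", "button"]

def generate_passphrase(words, count=4, sep=" "):
    """Pick `count` words independently and uniformly with a CSPRNG."""
    pool = sorted(set(words))          # duplicates would skew the odds
    if len(pool) < 2 or count < 1:
        raise ValueError("need at least 2 distinct words and count >= 1")
    return sep.join(secrets.choice(pool) for _ in range(count))

def entropy_bits(pool_size, picks):
    """Entropy when each of `picks` symbols is drawn at random from the pool."""
    return picks * math.log2(pool_size)

def average_crack_seconds(bits, guesses_per_second):
    """On average an attacker finds the secret after half the search space."""
    return 2 ** bits / 2 / guesses_per_second

def compare(guesses_per_second=1e10):   # assumed offline guessing rate
    cases = [                            # (label, pool size, picks)
        ("7 random lowercase letters", 26, 7),
        ("12 random lowercase letters", 26, 12),
        ("12 random printable ASCII characters", 94, 12),
        ("4 random words from a 7776-word list", 7776, 4),   # assumed list size
        ("5 random words from a 7776-word list", 7776, 5),
    ]
    rows = []
    for label, pool, picks in cases:
        bits = entropy_bits(pool, picks)
        rows.append((label, bits, average_crack_seconds(bits, guesses_per_second)))
    return rows

if __name__ == "__main__":
    print("sample passphrase:", generate_passphrase(SAMPLE_WORDS))
    for label, bits, seconds in compare():
        years = seconds / (365.25 * 24 * 3600)
        print(f"{label:40s} {bits:5.1f} bits  ~{years:.3g} years")
```

These figures hold only when every character or word is picked at random; a password built from a single word with predictable substitutions has a far smaller search space than its length suggests.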
Don’t Change Passwords Frequently
Some websites recommend that users change passwords every 30, 60 or 90 days. Don’t change your password frequently. When you do, it becomes difficult to remember, and you tend to simplify the password or add some personal information to make it easier to recall. Or, to keep track of your passwords, you might start writing them on a notepad or in your smartphone, which is not a good habit. Changing passwords on a schedule doesn’t add any value to your security. Stick to your password unless you feel there is a need for change.
If you hear news of a data breach at a website or company where you have an account, you should consider changing the password.
Don’t Repeat Passwords
We tend to use the same password for multiple accounts because we maintain so many accounts online. Don’t repeat passwords. Though it is tough, try to create a different password for each account. Delete the accounts you are not using instead of maintaining them, and try to reduce the number of accounts you use online.
Better Way To Store Passwords
Many of us follow different methods to store passwords. Some store passwords in browsers, on a piece of paper or in a smartphone. A better way is to use a password vault or manager. These services save your details securely on your hard drive or in the cloud. There are many paid services and apps that offer many features, such as LastPass and Dashlane. It is better to maintain a secure password manager than to use repetitive passwords for many accounts.
If a website offers 2-factor authentication, it is recommended to use it. It adds an extra layer of security for your information. There are apps (Google, Microsoft) that handle authentication codes for login. Sometimes websites ask you security questions, like your mother’s maiden name. Don’t enter correct answers, because there is a lot of information about us online.
Be careful, Be Healthy and Be Safe.