Let's talk passwords
As the internet becomes more applicable to storing everything you need in your entire life, it also creates larger risk if someone were to find a way to break in.
How many applications of yours use the same password? There's a good chance that if I know you're email address and password, I have access to everything you belong to. How many of these could someone break into at once for you? Hotmail, Yahoo! Mail, Gmail, AIM, Y!IM, MSN, Ebay, Amazon, YouTube, Myspace, Facebook, iTunes, Citibank, Washington Mutual, E-trade, TradeKing, ING, and of course, Girls Gone Wild Online.
If you're using the same password for more than any two of those sites listed above, there's a good chance a hacker will try out the same email/password combination for those sites.
Okay, so nobody is insane enough to have a different password for each site and I understand that. It doesn't mean though, that we can't work on trying to create a password that will not be easy to steal. You already know passwords should have both letters and numbers, at the very least, so I won't baby you. But you probably only have numbers at the end of your password, right?
Remember, a hacker isn't targeting a person specifically, they're just trying to find the weakest link in order to break in somewhere. They don't really care who you are, only that they can get to your stuff. A hacker may only try combinations of passwords that begin with lowercase letters and end with numbers, knowing that's what most users do and hoping you're one of them (remember, in the computer world, lowercase letters are different than uppercase letters).
So what's a good password that I can remember?
I always tell people to create sentences, because even a single number thrown into the middle of a password will decrease the chances of being hacked significantly.
Here's some examples:
il0veCats - the 'O' is a zero. It's short, easy to remember, and the number and capital letter gets you out of basic hacking range.
gr8shesL8 - Great, shes late. A simple sentence, but uses 8's to form words.
If you're really serious about a good password, throwing in a symbol increases your safety even more. Think about sentences like this:
hey!Thatsm1ne = Hey! That's mine. The exclaimation mark is easy to use in a sentence, which most people automatically want to use a capital letter afterward. The 1 in the word 'mine' creates added safety as well.
Some of your passwords are too long, dude
You're right. Unfortunately some sites still only allow passwords that should be eight letters. These sites probably aren't very secure.
My next recommendation is always to have three different passwords memorized.
1) A trivial eight character length password for basic things.
2) A very secure eight character length password for sites you think should be secure
3) A longer length password, remember, the longer it is, the safer it is. But it should only be as long as you are comfortable in typing it over and over daily.
Having three passwords at least ensures that a hacker won't be able to break in to everything. And who says the passwords can't all be the same?
lovecats, l0veCats, and omg!il0veCats are completely different passwords in the computer world.
And lastly, pin codes
Nowadays, banks have evolved to beyond just having 4 number pins for your ATM card. The scary part is that some banks use your pin as the password to your online banking login. Keep in mind that the rules still apply. Longer is better. And with pins, since you can't use letters and symbols for security, length is your only safety.
So how to form words with just numbers? Just try to think of some numbers as letters.
811194732 - BILLGATES. Ok, not really easy to grasp, but think of the 8 as a 'B', the 1 as both an 'I' and 'L', the 9 as a lowercase 'G' and so on. It's only your pin, so it really only has to make sense for you.
You won't be able to form every word you want, but it works.
Go change your passwords
Now spend some time and go change your passwords. You'll find that if you come up with a good one, you won't even have to write it down (which is also very bad).
Congrats, your secret internet life is now a little more safe and secure.
How many applications of yours use the same password? There's a good chance that if I know you're email address and password, I have access to everything you belong to. How many of these could someone break into at once for you? Hotmail, Yahoo! Mail, Gmail, AIM, Y!IM, MSN, Ebay, Amazon, YouTube, Myspace, Facebook, iTunes, Citibank, Washington Mutual, E-trade, TradeKing, ING, and of course, Girls Gone Wild Online.
If you're using the same password for more than any two of those sites listed above, there's a good chance a hacker will try out the same email/password combination for those sites.
Okay, so nobody is insane enough to have a different password for each site and I understand that. It doesn't mean though, that we can't work on trying to create a password that will not be easy to steal. You already know passwords should have both letters and numbers, at the very least, so I won't baby you. But you probably only have numbers at the end of your password, right?
Remember, a hacker isn't targeting a person specifically, they're just trying to find the weakest link in order to break in somewhere. They don't really care who you are, only that they can get to your stuff. A hacker may only try combinations of passwords that begin with lowercase letters and end with numbers, knowing that's what most users do and hoping you're one of them (remember, in the computer world, lowercase letters are different than uppercase letters).
So what's a good password that I can remember?
I always tell people to create sentences, because even a single number thrown into the middle of a password will decrease the chances of being hacked significantly.
Here's some examples:
il0veCats - the 'O' is a zero. It's short, easy to remember, and the number and capital letter gets you out of basic hacking range.
gr8shesL8 - Great, shes late. A simple sentence, but uses 8's to form words.
If you're really serious about a good password, throwing in a symbol increases your safety even more. Think about sentences like this:
hey!Thatsm1ne = Hey! That's mine. The exclaimation mark is easy to use in a sentence, which most people automatically want to use a capital letter afterward. The 1 in the word 'mine' creates added safety as well.
Some of your passwords are too long, dude
You're right. Unfortunately some sites still only allow passwords that should be eight letters. These sites probably aren't very secure.
My next recommendation is always to have three different passwords memorized.
1) A trivial eight character length password for basic things.
2) A very secure eight character length password for sites you think should be secure
3) A longer length password, remember, the longer it is, the safer it is. But it should only be as long as you are comfortable in typing it over and over daily.
Having three passwords at least ensures that a hacker won't be able to break in to everything. And who says the passwords can't all be the same?
lovecats, l0veCats, and omg!il0veCats are completely different passwords in the computer world.
And lastly, pin codes
Nowadays, banks have evolved to beyond just having 4 number pins for your ATM card. The scary part is that some banks use your pin as the password to your online banking login. Keep in mind that the rules still apply. Longer is better. And with pins, since you can't use letters and symbols for security, length is your only safety.
So how to form words with just numbers? Just try to think of some numbers as letters.
811194732 - BILLGATES. Ok, not really easy to grasp, but think of the 8 as a 'B', the 1 as both an 'I' and 'L', the 9 as a lowercase 'G' and so on. It's only your pin, so it really only has to make sense for you.
You won't be able to form every word you want, but it works.
Go change your passwords
Now spend some time and go change your passwords. You'll find that if you come up with a good one, you won't even have to write it down (which is also very bad).
Congrats, your secret internet life is now a little more safe and secure.
posted by Allen M @ 4/03/2008 12:40:00 AM
2 Comments:
At 8:24 PM,
Emmy said…
About bank pins though... it's good to have a 4-digit bank pin if you ever travel outside the US and intend to use your bank card, because a lot of non-US ATM machines only accept 4-digit pins. You could easily end up quite screwed in Erbusaig if your pin is 5 digits and you need cash.
At 8:52 PM,
Allen M said…
Good point, Emmy. I should really separate the two and focus more on making sure one's online bank login is not their ATM pin code, and if they choose to use numbers only, to try to pick something not typical or easily guessable.
Post a Comment
Links to this post:
Create a Link
<< Home