Creating and keeping strong passwords
Password123.
Keep it secret, keep it safe. Everyone has a password for something. Email, Facebook, Twitter — nearly every site and service has a login nowadays. But how do you keep your account safe without creating a password that you almost immediately forget? Strong password creation is easier than you might think!
First off, what is a strong password? Short passwords, passwords made of only lowercase (or uppercase) letters, or something like password123 are not strong passwords. To be considered ‘strong’, a password should have 2 or more of the following:
- More than 12 characters, though the more the merrier
- At least one symbol (? ! # @, etc)
- One or more uppercase letters
- One or more numbers
Avoiding standard sequences of dictionary words (the quick brown fox) and common sequences (123) will further improve your passwords.
If you have trouble coming up with a password like this, you can always use a random password generator. Another method is to think of a full sentence and abbreviate it. For example: Wu!Gabpoalm! is a strong password, and is easy to remember. It’s simply the first line of Chop Suey! by System of a Down.
Wake up! Grab a brush put on a little makeup!
Editor’s note: For obvious reasons, please don’t use this password, or any passwords featured in this post.
Alternatively, you can create a pass phrase as a way of remembering things, though you can progressively increase the strength of the phrase with a few steps.
Initial idea: My favorite Pokemon is Charizard. (9 TREDECILLION YEARS to crack)
Improved by using irregular capitals (second letter of every word): mY fAvorite pOkemon iS cHarizard. (6 HUNDRED TREDECILLION YEARS to crack)
Further improved by adding errant symbols: my! fA$vorite pO!kemon iS$ cH!arizard. (25 SEPTENDECILLION YEARS to crack)
In this case, we started with a fairly simple sentence that is easily remembered, but much better than something like Charizard456. We then chose to capitalize a letter in every word–the second letter, to be exact–which is irregular but still memorable. In the third step, we decided to add a symbol after the irregular capitalization, alternating between ! and $.
It is also recommended to use different passwords across different sites. If someone manages to get a hold of one of your passwords, you don’t want to hand them a master key to all your info.
So how do you even keep track of them all? Not to worry, there are several tools to help you. LastPass, DashLane, 1Password, and StickyPassword are all great free choices to handle multiple passwords across multiple sites, often autofilling them for you. Google Chrome and other browsers, as well as your devices, also have built-in password managers that accomplish the same thing, though be sure to take appropriate steps to make these inaccessible when crossing borders or when you’re likely to have your privacy violated, such as at protests.
Privacy tip: Physical password reminders like sticky notes or journals are not recommended. Not only are they cumbersome, but in the wrong hands could be absolutely disastrous — a security nightmare! To keep a physical reminder that won’t give away the whole passcode, consider a physical object placed nearby to help you remember the inspiration of the passcode, rather than giving it to you.
If you’re not sure whether your password is secure enough, you can check it here. This is the site that gave us the estimates for the above examples. Passwords are not saved on the site–you can even use it offline– and it helpfully shows how long it would take for hackers to crack that password.
