Making Simple, but Highly Secure Passwords


Protecting your personal information is important.  If you bank online, or use any social media site, it is essential to have hack-proof passwords if you don’t want your personal information to be compromised or your good credit or reputation stolen.  If you use only one password for multiple accounts, even if it is a tough one to crack, once it is compromised, the hacker will have access to every account!

What’s worse, forensic software programs allow hackers to decipher passwords. Consumer Reports (January 2012) estimated that, using one of these programs, a $2000 computer would take two and a half hours to crack the strongest seven-character password. An eight-character password would last 10 days, and a nine-character one would last about two and a half years.

Hackers can also get clues to your password by exploring your Internet history or Facebook or Twitter ramblings.  By reading your Facebook page, for example, they would find out you are a great Star Wars fan, so using “HansSolo1” or something similar would be easy for a hacker to guess.  For this reason, all your social media sites should have unique passwords and you should also consider restricting access to friends only. 

Most passwords require a minimum of 5-8 characters; the longer the password, the harder it is for hackers to crack. First, let’s take a look at some other common-sense rules for safe passwords:

  • Use upper AND lower case letters as well as numerals AND symbols, but NOT just at the beginning or end; for example, “B@ker1.” Keep in mind that some programs will not accept symbols.
  • DO NOT use a recognizable word, not even a foreign word.  Sophisticated hacking software can easily crack these.
  • DO NOT use any personal info such as name of spouse, children, pets, social security, house or telephone numbers.  This includes old addresses – bits of your personal history can easily be found on internet databases.
  • DO NOT use a password that is the same or close to your user name.
  • DO NOT use your favorite sports team, restaurant, business name or anything that can easily be picked up from your website or one of your social networking sites. 

So now that all of your crutches for remembering your passwords have been eliminated, what do you do? 

Passwords should be based on something easily remembered. So use a phrase or sentence that includes something unique about you that no one knows, take the first letter of each word, then incorporate special rules such as: capitalize the letter for every verb, replace the first “a” with “@”, and replace every “e” with 3. Using an easily remembered memory such as “Danny’s Restaurant was my favorite place to eat as a child,” the phrase becomes a mnemonic device to remember the password: drWmfpt3@ac.

We all need multiple passwords, so use the same phrase, but add the initials of the site or institution to create multiple passwords – either at the beginning or the end or both or even somewhere in the middle of your password.  For example, using the same rules as above and adding the rule i=7, “My mother baked valentine cookies with pink icing” would then be NmmBvcwp7SB  for National Savings Bank; and FmmBvcwp7 for your Facebook account.

In choosing your sentence or phrase, make sure to select words that will result in at least one numeral in your password. 

If you have websites that require you to periodically change your password, incorporate a system such as adding a capital letter or a numeral for each month that you change your password.  For example,  “My mother baked valentine cookies with pink icing”  would become “JmmBvcwp7” for the month of January.  You could also add a special character such as ! @ # $ %... with each password change.

Most agree the longer your password, the harder it will be to crack. Even if you only have a basic password of 5 letters, such as “Ethel is my father’s aunt” or 37mf@ (see the rules above), you can also add multiple letters, numbers or symbols afterward to make it longer: 37mf@<>?<>? The password just became complicated. Notice the position of those characters on your keyboard: they are very simple to use and are just repeated twice.
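The rules described above (first letters, verb capitals, substitutions, site initials, month letter, keyboard padding) can be written out as a short Python function. This is an added example, not part of the original article; the function and parameter names are hypothetical, the caller must list which words are verbs, and “i=7” is assumed to apply to every “i”.

```python
# Added illustration, not the article's code: names are hypothetical.
# Assumptions: the caller lists the verbs, and "i=7" applies to every "i".

def mnemonic_password(phrase, verbs=(), every=None, first_only=None,
                      prefix="", suffix="", padding=""):
    """Build a password from the first letter of each word in `phrase`.

    verbs         -- words whose initial is capitalised
    every         -- {letter: replacement} applied to every matching initial
    first_only    -- {letter: replacement} applied to the first match only
    prefix/suffix -- site initials or a rotation marker (e.g. month letter)
    padding       -- repeated keyboard characters appended for extra length
    """
    every = {k.lower(): v for k, v in (every or {}).items()}
    pending = {k.lower(): v for k, v in (first_only or {}).items()}
    verb_set = {v.lower() for v in verbs}
    out = []
    for word in phrase.split():
        letters = [c for c in word if c.isalpha()]
        if not letters:
            continue                      # skip tokens with no letters
        initial = letters[0].lower()
        if initial in every:              # substitutions beat capitalisation
            out.append(every[initial])
        elif initial in pending:
            out.append(pending.pop(initial))   # consumed: first match only
        elif "".join(letters).lower() in verb_set:
            out.append(initial.upper())
        else:
            out.append(initial)
    return prefix + "".join(out) + suffix + padding

# The article's published example phrases and rule sets.
BASE = dict(every={"e": "3"}, first_only={"a": "@"})
WITH_I = dict(every={"e": "3", "i": "7"}, first_only={"a": "@"})
DANNY = "Danny's Restaurant was my favorite place to eat as a child"
MOTHER = "My mother baked valentine cookies with pink icing"
ETHEL = "Ethel is my father's aunt"

if __name__ == "__main__":
    print(mnemonic_password(DANNY, verbs=("was", "eat"), **BASE))
    print(mnemonic_password(MOTHER, verbs=("baked",), prefix="N",
                            suffix="SB", **WITH_I))
    print(mnemonic_password(ETHEL, verbs=("is",), padding="<>?<>?", **WITH_I))
```

Note the precedence the article's examples imply: a substituted letter (“eat” becoming 3, “is” becoming 7) is not capitalised even when the word is a verb.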

This system is simple, fun, and most important, very difficult for a hacker to crack. But if you’re like me, you might still have to write down your password phrase and special rules somewhere.  If you do, make sure it is on a password protected PDF, an encrypted flash drive or under lock and key!

