Best Ways To Create A Strong Password
Best Ways To Create A Strong Password : Creating strong passwords may seem like a daunting task, especially when the recommendation is to have a unique password for each site you visit. Anyone would be intimidated if they had to create and memorize multiple passwords like Wt4e-79P-B13^qS.
Instead, you want long, weird strings that neither computers nor people can guess. Humans are bad at coming up with these-we all pick the same “random” words, and we’re bad at remembering actually random strings. Follow this guide to make good passwords, or better yet, let an app make and remember them for you. Best Ways To Create A Strong Password
Create your passwords very long
Your enemy isn’t some guy in a ski mask trying to guess your password one try at a time. It’s a program that automatically runs through massive databases of common passwords or random combinations of characters.
The best answer to that is a very long string of words. As the webcomic xkcd famously pointed out, a bunch of plain words will do fine. Best Ways To Create A Strong Password
Don’t use a common phrase
But don’t use the same bunch of plain words as everyone else. If your password consisted of the entire script of Hamlet , it would still be unsafe if everyone else had the same password. “When in the course of human events” is a shitty password. So is a famous movie line, or a Bible verse, or even an acronym of a Bible verse.
And don’t get clever with thematic or personally meaningful passwords. Sometimes humans do try to crack passwords, so don’t help them out by using your son’s birthday or the phrase printed on your favorite coffee mug.
Test your password
If you use a password manager, it’ll test your password in real time, on the safety of your computer. The sites How Secure Is My Password? , How Big Is Your Password? , and How Strong Is Your Password? test if your password is long enough. But they won’t warn you about common guessable phrases, like those Bible verses.
Of course, typing your passwords into unfamiliar sites is a bad habit. These sites are safe, as they’re all publicly run by trusted developers who promise that your entered text never leaves your computer. Still, to be safe, just use these sites to get the gist before you make your real password.
Don’t reuse your password
When your password on some web service gets hacked ( and it will ), you’d better hope you didn’t use the same password on three other services. Don’t use a weak password for services that “don’t matter,” because some day you might give one of those services your credit card info, or use it to authorize more important services, and you won’t think to beef up your password.
Don’t store passwords in your browser
Those can get hacked, too. Some of Opera’s saved passwords were partially hacked last year . Even Google accounts are vulnerable. A hacker doesn’t have to defeat Google’s security-they just have to trick you , and it’s a lot easier for hackers to pose as Google and request your login than it is for them to pretend to be your chosen password management app. If your Google account gets hacked, you’ll be in enough trouble without also worrying about all your saved passwords.
Follow the rules every time
Of course, your bank, your doctor’s portal, and your library are still following the outdated security recommendations, so they’ll still force you to follow weirdly specific rules for password creation, like making you start with a letter or include one symbol. (Ironically, by lowering the number of possible passwords, these rules make them easier to crack.)
First generate a random, secure password with your password manager. Then amend that password as minimally as possible to comply with the service’s specific rules. Do your password editing inside your password manager, so it can alert you if you’re turning a strong password into a weak one.
We’ve covered how to create a memorable password if you absolutely have to. But since all our recommended password managers offer mobile apps (KeePass recommendscertain third-party mobile ports ), you can save your password anywhere you go. There’s just no reason to make up your own password.
Use two-factor authentication
While it isn’t foolproof, two-factor provides a layer of security for only a minimal loss of convenience. But not all two-factor is equally secure. Dedicated authentication apps are a lot safer than just getting a code over SMS. But both are safer than a password alone.