If you are like me, you probably have over a hundred online accounts that all require a password. And you probably use the same password on multiple accounts. And, you probably haven’t changed some of them in years.
I often worry about the security of my internet accounts, especially those that contain my personal information such as birth date, social security number, financial data, etc. So I try to be careful. I don’t save my credit card on shopping sites if I don’t have to, for example. I also try to choose strong passwords and change them often, which, I think, is the first thing that should be done.
A good password is something that is easy for you to remember but hard for anyone else to guess. That is so obvious, I know, but is actually difficult to implement. Here are some tips that can help you pick better passwords:
- Use long passwords (see more below);
- Use a combination of capital letters (ABC), lowercase letters (abc), numbers (0-9), and special characters (@!#$&*) if allowed;
- Don’t use dictionary words;
- Don’t use numbers in sequence or in a repeated pattern (12345 or 22222);
- Don’t use personal information such as your birth date;
- Try to come up with a common phrase and pick the first letter of each word, then randomly add other stuff mentioned above;
- Try to pick a word in your native language and “encrypt” it into English;
- Try to use something you remember as a child as the base of your password;
- Try to change your user name and password combination regularly;
- Try to use a password tool/software to store all your passwords in an encrypted format.
Why is a long password (8 – 12 or more characters) so important? Someone who tries to steal your password is basically using a computer and the right software to guess it. It comes down to probability, really. Say your password is abc. With only lowercase letters, a three-character password has just 17,576 (= 26 x 26 x 26) possible combinations, and it takes a computer a fraction of a second to try every one of them. If you use uppercase letters too, the same three-character password would have 140,608 combinations. Allow numbers, 238,328. Add one more character, 14,776,336. See the point? If you use a long and random password that contains uppercase letters, lowercase letters, numbers and special symbols, it would literally take a computer hundreds of years to try all the possibilities.
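The arithmetic above, as an added example that is not part of the original post: it works out which character classes a password uses, counts the candidates an exhaustive search must cover, and converts that to time. The guess rate of one billion per second and the 32-character symbol set are assumptions, and the sample passwords are constructed.

```python
import string

# Character classes named in the post. Using all 32 ASCII punctuation marks
# for "special characters" is an assumption; sites often allow fewer.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

GUESSES_PER_SECOND = 1_000_000_000  # assumed attacker speed, not a measurement


def alphabet_size(password):
    """Size of the smallest alphabet an attacker must cover for this password."""
    size = sum(len(cls) for cls in CLASSES if any(c in cls for c in password))
    # Characters outside the four classes (spaces, accents) count individually.
    extras = {c for c in password if not any(c in cls for cls in CLASSES)}
    return size + len(extras)


def search_space(password):
    """Number of candidates of the same length over that alphabet."""
    return alphabet_size(password) ** len(password)


def seconds_to_exhaust(password, rate=GUESSES_PER_SECOND):
    """Worst-case time to try every candidate at `rate` guesses per second."""
    return search_space(password) / rate


def describe(seconds):
    """Render a duration in the largest sensible unit."""
    for unit, size in (("years", 31_557_600), ("days", 86_400),
                       ("hours", 3_600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.6f} seconds"


if __name__ == "__main__":
    # Constructed sample passwords: the post's four cases, then longer ones.
    for pw in ("abc", "aBc", "aB3", "aB3d", "aB3d!x9Q", "aB3d!x9Q#m2Z"):
        print(f"{pw:<14}{alphabet_size(pw):>4}{search_space(pw):>28,}  "
              f"{describe(seconds_to_exhaust(pw))}")
```

These are worst-case times for randomly chosen passwords only; a dictionary word or a pattern such as 12345 is tried long before an exhaustive search would reach it, which is why the tips above rule them out.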
Sometimes the problem is not your individual account, but the server. A hacker could break into a database and steal passwords that way. To minimize such risks, don’t use the same password on every account. At a minimum, separate them into different groups, such as easier passwords for accounts where you don’t store much information to begin with, but very strong passwords for critical accounts. This way, even if someone gets your password from a gadget discussion forum, he is not able to access your Amazon.com or bank accounts.
Happy surfing, but stay safe!
Thanks for the tip. There is a Microsoft password strength checker that can be very useful.