How to choose the perfect password and keep it safe
GET A MONTHLY ROUND-UP OF CONTENT TO LIVE YOUR BEST ONLINE LIFE
I bet reading this blog isn’t the first thing you’ve done on the Internet today. I’m going to go out on a limb and wager (I’m not likely to get cricket score odds for this one) that you’ve also had to enter a password at least twice already today. And for my treble banker, I reckon you used the same password each time.
This isn’t guesswork, I’m really just playing the numbers. Repeated surveys and studies of leaked password data, suggest that one in four of us use the same password for all our accounts – and that figure is only based on respondents being honest about their cyber naivety. Hands up, until I starting researching this article I was one of the 25% putting my data at very high risk.
Then one of our tech guys explained to me that using the same password for all of your accounts is like having the same physical key to every single lock in your life: your front door; your back door; your post box; your car; your bike; your diary, your office; your desk; your jewellery box; your bedroom. It may save your pockets from sagging under the jangling weight but imagine that one key is stolen and on the keyring is your home address and your work address.
Not only do we repeatedly use the same password, we’re just as guilty of using weak easy-to-hack passwords…over and over again. SplashData, a provider of password management applications, annually review leaked password data to highlight our lack of password sophistication (not to mention imagination). At No1 last year, unchanged from 2016, was ‘123456’. No2, also unchanged, was ‘password’, ‘letmein’ and ‘iloveyou’ were new entries at No7 and No10 respectively.
If this is ringing a fair few bells (of alarm and of memory) then it may be time to make a change. A good place to start is HaveIBeenPwned? to check whether your regular email address has been caught up in a data breach. This wonderful website is the brainchild of the Aussie cyber-tech genius Troy Hunt and helps establish if we’ve been impacted by malicious activity on the Internet.
So how do we pick that perfect password?
Troy recommends using a password manager, more specifically he recommends 1Password and if it’s good enough for Troy, it’s good enough for me. However, if you don’t feel ready to hand over your hard-earned dollars, there’s a few non-tech tips you can use to create a seriously tough-to-crack password – and never forget that password attackers have already factored in our predictable habits and have created very aggressive programs that will crack open our weakest spots:
- start with three random words and include lower- and upper-case letters. To make it more secure, add in numbers and symbols (such as @ # $ % ^ & *) – and make it at least eight characters long; or
- make up a memorable phrase or sentence, and take the first letter from each word to create a sequence; or
- pick a number of key words that mean something to you but aren’t obvious or guessable, pick a few key numbers (avoiding obvious dates like your anniversary) and then create passwords using a combination of both.
My favorite is to pick a song lyric, for example “Two worlds collided/And they could never tear us apart” and take the first character from each word to get “TwcAtcntua”. You could then add a further security twist by adding in some more symbols and digits. For example, that INXS track was released on August 8th 1988, which is quite the date! So, we end up with “TwcAtcntua8888!”
Once you’ve come up with your new passwords, then note them down in code and hide them away in an unlikely but not forgettable place, or save them to a USB stick or to your cloud storage. Whatever you do save your data from the risk of exposure.
Shaping Explained