Internet security is never far from the news these days.
In the light of recent high-profile security breaches, two pieces of advice come to the fore: use different passwords on all your accounts and make sure they are strong.
This is pretty much part II of an article I wrote on good password practices earlier this year.
In that post I mentioned the use of “passphrases” which are exactly what they sound like. Instead of a single (ideally) long and complex word, a passphrase is a phrase that is easy to remember and yet can be significantly more secure than a single password.
It seems the biggest hurdle to creating a strong password is being able to remember it. I recommend using different passwords or passphrases across all your accounts and a system like 1Password to generate and remember them for you.
That being said, there are always situations where you need to create a strong password you can remember – for instance the master password for your computer or for your password manager.
The good news is strong passwords and passphrases can be pretty easy to remember. The key is the length and complexity but this doesn’t necessarily make them difficult to remember.
Take this passphrase example from the Diceware site:
Cleft cam synod lacy Yr
Not too hard to commit to memory and surprisingly very strong. The spaces are in fact counted as special characters.
According to one testing site, this would take 76.59 million trillion trillion centuries to crack in an online attack.
That’ll probably do the trick.
The key is in the length: “Longer Passwords make Stronger Passwords”.
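An added example, not part of the original post: the arithmetic behind a brute-force estimate like the one quoted above, next to the lower figure that applies when an attacker guesses whole Diceware words instead of characters. The character-class sizes, the 1,000 guesses per second rate and the 7,776-word list size are assumptions, and the short word list is constructed for the demo.

```python
import math
import secrets
import string

# Assumed sizes of the character classes a brute-force attacker must cover.
CLASSES = [(string.ascii_lowercase, 26), (string.ascii_uppercase, 26),
           (string.digits, 10)]
SYMBOLS = 33  # assumed: printable ASCII punctuation plus the space

def alphabet_size(password):
    """Add up the size of every character class the password uses."""
    size = sum(n for chars, n in CLASSES if any(c in chars for c in password))
    if any(not c.isalnum() for c in password):
        size += SYMBOLS
    return size

def brute_force_space(password):
    """Count every string up to the password's length over that alphabet."""
    a = alphabet_size(password)
    return sum(a ** k for k in range(1, len(password) + 1))

def centuries_to_search(space, guesses_per_second=1000):
    """Time to exhaust the space at an assumed online guessing rate."""
    return space / guesses_per_second / (100 * 365.25 * 24 * 3600)

def diceware_bits(words, list_size=7776):
    """Entropy when the attacker knows the list and guesses whole words."""
    return words * math.log2(list_size)

def generate_passphrase(wordlist, words=5):
    """Pick words with the OS CSPRNG; random.choice is not meant for secrets."""
    return " ".join(secrets.choice(wordlist) for _ in range(words))

PAGE_EXAMPLE = "Cleft cam synod lacy Yr"  # passphrase quoted above
# Constructed demo list; a real Diceware list is far longer.
DEMO_WORDS = ["cleft", "cam", "synod", "lacy", "yr", "abbey", "mural", "quill"]

if __name__ == "__main__":
    space = brute_force_space(PAGE_EXAMPLE)
    print(f"alphabet {alphabet_size(PAGE_EXAMPLE)}, length {len(PAGE_EXAMPLE)}")
    print(f"brute force: {math.log2(space):.1f} bits, "
          f"{centuries_to_search(space):.2e} centuries at 1000 guesses/s")
    print(f"word-list attack on 5 Diceware words: {diceware_bits(5):.1f} bits")
    print("fresh phrase from the demo list:", generate_passphrase(DEMO_WORDS))
```

The gap between the two figures is why a Diceware phrase is better judged by how many randomly chosen words it contains than by a character-based meter.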
Whatever you do, resist the urge to use a name or word followed by a numeral. Hackers know the common patterns people use and can crack passwords like that in short order.
Your passwords stand between you and disaster. It’s worth putting some effort into getting them sorted.
Here are some useful tools to help (tip – these sites seem secure and trustworthy, but don’t use them to test your actual password/passphrase):
Security Guru Steve Gibson on the Haystack concept – Test your pass phrase.
The Diceware Passphrase Home Page “This page offers a better way to create a strong, yet easy to remember passphrase for use with encryption and security programs.”
Interesting article with a helpful perspective on password management from troyhunt.com
Read ‘Part I’: WordPress Security: Passwords