10 Super Secure Password Tips for ‘Change Your Password Day’
The tech bloggers over at Gizmodo have officially declared February 1st to be Change Your Password Day. We all know it’s something we should do and they think this is the best way to get us to succumb to positive peer pressure and change our passwords together for better security.
Not only is it important to change your passwords, it’s also important to make sure they actually protect you and are not easily hacked. We’re not talking about protecting against the tech-savvy kid next door hacking into your wireless internet or the guys at work pulling pranks on your PC. We’re talking about protecting against computer programs that can, according to Gizmodo’s Rachel Swaby, “run thousands of encrypted passwords by dictionaries of several languages, everything in the World Fact Book, and Wikipedia in a matter of minutes.”
To help you celebrate the inaugural Change Your Password Day, here are 10 tips for creating a super secure password.
Use Different Passwords
Each online account you have should have a different password. It may be easier for you to have a few root passwords that you change slightly for each account, but even that is less secure. If someone or something hacks into one account, imagine the access it has to all your other accounts, even just by changing a few characters.
Avoid the Obvious
Sure, they’re easy to remember, but computers and people are very good at guessing obvious passwords. A brute-force program can hack a common, random dictionary password like “monkey” in about 3 minutes. Uncommon words or anagrams can be hacked in a little over an hour. And any program or person can get hold of birthdates, anniversaries and phone numbers very quickly on the internet.
Make It Complex
Random, non-word characters can be hacked by a brute-force program in about a month. Add some numbers to those random characters and that time increases to eight months. Try to pick letters and numbers that mean something to you, but that aren’t obvious or found online.
Add Even More Complexity
By adding just a little bit of complexity to your password, you can make it secure for life. It would take a brute-force program 219 years to hack a password that contains just 6 random characters with mixed letter cases, numbers and symbols. By adding a symbol or two to a short password, you greatly increase your security.
Use a Passphrase
Experts now believe that easily remembered, random, multi-word phrases are ten times more secure than even the most secure passwords made of random characters with mixed case, numbers and symbols. This is true because the phrases exist only in your mind.
Longer Is Better
Whether you’re using characters, symbols and numbers or passphrases, longer is always better. Make sure you’re using at least 10 characters if you can. Every extra character adds to the time a program needs to hack the password.
Keep It Weird
Again, no matter which type of password you use, add strange characters or symbols and numbers to throw any brute-force program off the trail. Even adding spaces to a password will help. And if you can’t add a space, add an underscore or other punctuation.
Don’t Use These Passwords
Whatever you do, don’t use the worst passwords of 2011. These were actual passwords people were using last year, and surprisingly, they were useless. Topping the list of 25 were: password, 123456, 12345678, qwerty, abc123. Also making the list of shame: letmein, iloveyou, passwOrd, 654321, trustno1.
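The tips above on complexity, length, odd characters and the worst-passwords list, turned into a small checker. This is an added example, not part of the original article: the function names and sample passwords are made up here, only ASCII characters are counted, and the blocklist holds just the ten entries quoted above.

```python
import math
import string

# The ten entries the article quotes from the 2011 worst-passwords list,
# lower-cased so the comparison ignores letter case.
WORST_2011 = {p.lower() for p in (
    "password", "123456", "12345678", "qwerty", "abc123",
    "letmein", "iloveyou", "passwOrd", "654321", "trustno1")}
MIN_LENGTH = 10                      # the article's "at least 10 characters"
SYMBOLS = string.punctuation + " "   # 32 ASCII symbols plus the space

def alphabet_size(password):
    """Size of the smallest ASCII character pool that covers the password."""
    pools = (string.ascii_lowercase, string.ascii_uppercase,
             string.digits, SYMBOLS)
    return sum(len(pool) for pool in pools
               if any(c in pool for c in password))

def search_space(password):
    """Candidates a blind brute force must cover for this length and pool.
    Upper bound: it treats every character as an independent random pick,
    so real words and phrases are weaker than the number suggests."""
    return alphabet_size(password) ** len(password)

def audit(password):
    """Return which of the article's tips the password breaks."""
    problems = []
    if password.lower() in WORST_2011:
        problems.append("on the worst-passwords list")
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 10 characters")
    if not any(c in SYMBOLS for c in password):
        problems.append("no symbol or space")
    if password.isdigit() or password.isalpha():
        problems.append("only one kind of character")
    return problems

if __name__ == "__main__":
    # Constructed sample passwords, for illustration only.
    for pw in ("monkey", "Password", "abc123", "abc123!", "k7#Tq_9w Lz"):
        bits = math.log2(search_space(pw))
        print(f"{pw!r:16} {bits:5.1f} bits  {audit(pw) or 'passes'}")
```

Adding one symbol to "abc123" widens the pool from 36 to 69 characters and lengthens the password, which is why the search space jumps so sharply between those two sample rows.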
Change It Often
It has been said that passwords are like toothbrushes: don't let anyone else use yours, and change it every six months. Experts say, depending on your amount of internet usage, you should change your passwords every three to six months. And, even though it’s annoying, you should really change it, not just make a slight change. Keep in mind that a hacker can only access accounts with that password for as long as it is the password. Changing it limits what can be hacked. And if it takes a brute-force program eight months to hack a minimally complex password and you change it in six, your problem is solved.
Get a Password Management App
Good password management apps are becoming readily available. If you're sacrificing security for passwords that are easy for you to remember, consider getting an app that will keep track of them for you. Some popular apps are 1Password, Keeper, KeePass and LastPass.
Happy (and safe) surfing!