How To Create A Stronger Password
This is a topic that comes up time and time again. As more and more sites are compromised, it becomes more apparent that way too many people are guilty of using a weak administrator password for a website or other services and should learn how to create a stronger password.
I know I have written about this in the past but I can’t count the number of emails I’ve received recently to tell me that my password may have been compromised and may now be on a list of “known” passwords. While I take pride in having a strong password that is hard to guess it is very possible that my passwords have been added to a list that hackers now have access to as there are now databases of recovered passwords being shared.
Sadly, this happens because many services are not encrypting the passwords they store from their users. That means that if the database for that service is hacked and no encryption is in place, then the passwords are displayed exactly as you would have typed them in. Encryption would “scramble” them in a way that anybody reading it would have no clue what the password is.
There are no standards on what a password “should” be, but many places recommend a minimum of 8 characters with one uppercase letter, one lowercase letter and one number as well. Other places will add to that a special character such as !#$%&^*()_+=-. While the minimum is 8 characters, some places use a strength percentage and require a minimum password score of at least 80%.
Many times people will use their children’s names and birth dates as their password, or a loved one’s name and the address of their house. While that is easy to remember, it’s also risky if your personal details have been compromised as well.
I’m sure by now you’ve seen the news and reports about identity theft. The more they know about you, the better chance they have of figuring out your password(s) to gain access to anything and everything about you online.
Password Possibilities
I mentioned earlier the normal request for password length and standard requirements but here I want to explain some password creation possibilities. It seems with more and more password attacks and such, the need to increase password length and strength is even more important.
I can’t count how many times I’ve seen simplistic passwords such as a child’s name and birth year, or the name of a spouse, the street the person lives on and such. This is information that is readily available if you’ve truly been hacked.
With that being said I would recommend staying away from the obvious choices of family members, street names, address numbers etc. Also if you’ve used a word as a password reminder, refrain from using that as well.
Think of something memorable to you and make a variation of it: a favorite movie, book, song, etc. Pick a phrase from your selection. For example, if you’re a fan of the movie “It’s A Wonderful Life”, you could turn that into the password iAwL3194 by taking the first letter of each word, alternating upper and lowercase letters, and then using the letter count for each word as a number: “It’s” has 3 letters, “A” has one letter, “Wonderful” has 9 letters and “Life” has 4. It is easy to remember and, once you’ve typed it a few times, becomes locked into muscle memory.
To make it even more secure you could add a special character. Many services are requesting that more and more. As I mentioned earlier, a special character is generally one of the following: !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
So you could take our password iAwL3194 and add one of those characters to it, such as iAwL3194! or iAwL_3194. You can see how that is pretty easy to remember. In a quick password strength test the password iAwL3194! scored 98%. I’d say that meets the requirements we’re looking for.
Now if that is still too difficult to remember, you could use a similar strategy: again using that same movie, “It’s A Wonderful Life”, pick out a memorable phrase from it. One I like is “Why don’t you kiss her instead of talking her to death”. While that is a lengthy phrase, we could shorten it and use some simple special characters to make “Why-Don’t-You-Kiss-Her” (minus the quotes). The dashes act as a special character, alongside alternating upper and lowercase letters. Using the same password strength test, that password ranked at 100%!
Another variation would be to switch a few of the vowels for numbers. As you recall, some services require a number. Using the same phrase we could make it “WhyD0n’tYouK1ssHer”. We’ve swapped out the first “o” for a zero, and the “i” for a 1. I usually wouldn’t recommend swapping every vowel, as that makes it too much of a pattern.
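The first-letter-and-letter-count recipe and the common requirements described earlier (8 characters, upper, lower, number, special character) can be written down as a short script; this is an added example, not part of the original article, and the function names are made up for illustration. It rebuilds iAwL3194 from the movie title and reports which requirement each password from this article is missing, assuming the apostrophe is typed as a plain keyboard apostrophe.

```python
# Added example: the names below are hypothetical, built from the article's rules.
SPECIALS = set("!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~")  # special characters listed above


def mnemonic_password(phrase):
    """First letter of each word, alternating lower/upper case, followed by
    the letter count of each word (apostrophes are not counted as letters)."""
    letters, counts = [], []
    for word in phrase.split():
        alpha = [c for c in word if c.isalpha()]
        if not alpha:
            continue  # ignore tokens with no letters, e.g. a stray dash
        first = alpha[0]
        # Even positions lower case, odd positions upper case: i A w L
        letters.append(first.lower() if len(letters) % 2 == 0 else first.upper())
        counts.append(str(len(alpha)))
    return "".join(letters) + "".join(counts)


def policy_report(password, min_length=8):
    """Check the commonly recommended rules: length, upper, lower, number, special."""
    return {
        "length": len(password) >= min_length,
        "upper": any(c.isupper() for c in password),
        "lower": any(c.islower() for c in password),
        "digit": any(c.isdigit() for c in password),
        "special": any(c in SPECIALS for c in password),
    }


def missing_rules(password):
    """Names of the rules the password does not meet (empty list = meets all)."""
    return [rule for rule, ok in policy_report(password).items() if not ok]


if __name__ == "__main__":
    base = mnemonic_password("It's A Wonderful Life")
    samples = [base, base + "!", "Why-Don't-You-Kiss-Her", "WhyD0n'tYouK1ssHer"]
    for pw in samples:
        gaps = missing_rules(pw)
        print(f"{pw:24} missing: {', '.join(gaps) if gaps else 'nothing'}")
```

The dashed phrase is long but contains no number, so a service that requires one would reject it until a vowel is swapped for a number as in the last variation.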
As you can see, there are various ways to generate a password that is easy to remember. One additional strategy I’ve read about, which makes a lot of sense in the case of services getting hacked, is using a base code and modifying it for each service. For example, if we use “iAwL3194!” as our base code and we are creating a password for our Facebook account, then we would simply add Fb to the end, such as “iAwL3194!Fb”. Or for Netflix “iAwL3194!Nf”, and “iAwL3194!Gm” for Gmail. By doing this we’ve created a unique memorable password for each service and can have peace of mind knowing we’re more secure than before.
As promised, the two password strength tools I’ve used to test the passwords with are:
https://howsecureismypassword.net
I hope you’ve found this article helpful. Leave any feedback you would like in the comment section below.