By Ron Benvenisti. Many of us use the most obvious information for our passwords: birthdates, kids’ names, sports teams and all kinds of things that can easily be figured out by anything from simple guesses to sustained brute-force hacking. This is true of our email passwords, banking and other online services and even at work.
Creating great passwords is really pretty simple. One of the great quotes in the information security field is:
“Of course my password is the same as my pet’s name.
My macaw’s name was Q47pY!3, but I change it every 90 days.”
Sort of says it all but of course it doesn’t really work that way. There are proven and simple rules to follow to create strong and unique passwords for all your accounts. These basic rules will keep them different for each account but easy to remember.
The first rule is to create what might be called a password baseline or foundation. This will be the basic and easy to remember phrase that you will use to create your strong passwords. This phrase must have a mix of uppercase and lowercase letters, numbers, and even a symbol or two. Don’t panic, it’s not that hard, you’ll be surprised at how easy this is and how secure it is.
Let’s “Build” a Really Strong Password
First you will pick a phrase that you can easily remember. You don’t have to think about making it obscure. You can be creative, like using a foreign language phrase in Yiddish, Hebrew, Spanish or whatever; just use English characters to spell it. A good example would be “potato kugel”. Sounds yummy, let’s go with that.
It satisfies rule number two, which is that a password must be at least eight characters and should not have any proper names, birthdays, hometowns, schools, pets, kids, etc. Our example phrase meets these requirements (unless, of course, your name is Kugel, you might want to impersonate a Knish). It’s easy to do impersonations online, but I digress. Let’s get serious again. Don’t use a single word and just change some of its characters to symbols — hacker tools can sail through those in less time than it takes to take a bite out of the Kugel, or Knish or whatever. Go for a passphrase with multiple words strung together as we said (so pick a potato latke, Mr. Finicky) — do not pick a single word password. Hackers try every word in the dictionary on your password in nanoseconds so make it a “passphrase” with at least two words.
We’re Not Done Yet – This is the Good Part
Now that you’ve picked a passphrase, you will stick it together in a single word (potatokugel), and then add a few capital letters that are easy to remember (PotatoKugel). Great. Now spice our passphrase foundation with a few random characters to keep things challenging for the hackers. Here’s an example: (Pot@t0Kuge1). Did you catch that? The “a” in Potato became an “@” and the last “o” became a “0” (zero); the last letter in Kugel went from an “l” to a “1”. Still with me? It’s not too hard to grasp, no? Piece of cake, errr… Kugel. Lukshen Kup.
Remember this because this is going to be your base password which will always be used to build the really killer password, which will still be easy to remember. Hang in there, this can save your identity and protect your privacy. So now that you’ve got this passphrase memorized, I’ll show you how to use it as a master key that will allow only you to unlock any of your email accounts or any Website. You just need to follow one more simple rule.
Let’s Get to the Really Bulletproof Part
To create the most secure password possible, I’m going to show you a simple pattern to add to the passphrase to generate a unique password for every account you have. Stick with me because this is where it gets really interesting and requires the most attention.
For example, always use the first and fourth letter of a Website’s name stuffed into the middle of your passphrase, capitalizing the first letter while leaving the fourth letter in lower-case. So Amazon becomes “Az”. That means your Amazon.com account would have the unique password [email protected], while your Wells Fargo account password would be [email protected]
Use this pattern and you will have a unique alphanumeric password for every website and email account you have. Easy to remember but pretty impossible for any hacker to figure out. Switch it from first and fourth letter to other letters, start from the last letter of the URL – just be consistent so you remember the pattern.
Even so, remember that there is no such thing as the “perfect password”, but using your own unique passphrase following these simple rules will go a long way toward keeping your identity and privacy beyond the reach of hackers.