Creating a good password is very simple, but many people do not want to take a couple of minutes to do so. RockYou.com, a large social network applications website, was recently hacked, and the results were posted online. This gave researchers something to think about, because there were 32 million email addresses, passwords, user names, etc. to be studied. Imperva compiled the results of their research recently, and they found that 30% of users had passwords of six characters or fewer and that 50% of users used names, words, or trivial passwords.
Their study found these as the top 14 passwords:
- rockyou (Name of the website)
As a computer science student I can tell you that these passwords are all incredibly easy to hack using a brute force or rainbow crack. If your passwords even slightly resemble these you should change them immediately because you are putting your personal information at risk. When trying to break into an account the first thing you do is run through a list of commonly used passwords (such as the ones listed above, dictionary words, names, places, sequential keyboard characters). You want a password that is easy to remember, but not easy for even friends or family to guess.
Creating a secure password is quite easy: just follow these guidelines and you will have nothing to worry about.
How to Create a Secure Password:
Do not:
- Use a dictionary word, person’s name, place, etc. as your entire password. Example: password, Michael, your last name, Texas
- Use sequential characters. Example: 1234567, qwerty, asdfgh, 999999
- Use personal information. Example: (your last name)+(DOB), (first name)+(street address), (son’s name)
- Use a password shorter than 8 characters
- Use the exact same password for every website
Do:
- Use more character classes; more types of characters make a more secure password. Try to include special characters such as &, #, !, <, }, |, as well as numbers, uppercase letters, and lowercase letters. For example, the word television is very insecure. TELEvISIOn is more secure, and t3L3v|S|0n is much more secure.
- Use more than one word – phonetoiletdistrict is much more secure than any of the single words.
- Use a phrase to create an easy to remember password. Example: “The only thing to fear is fear itself” would become “Toltfifi”.
- Use multiple passwords. For instance, your email address uses st1ffuPPerlip but your bank account uses blu-rayc4tsftw. You can also use one “master password” and modify it based on the site. For instance, you could use “nonANsequent1a!” for a password and change the AN to be the first and last letters of the website you are registering for. “nonANsequent1a” would be your password for Amazon.com, and “nonEYsequent1a” would be your password for Ebay.com.
- Replace letters in a word with characters that resemble it. Example: bottle would become b0tt!3
- Add a random non-alphanumerical character into your password in the middle (not the beginning or end). Example: ilikefishing – ilike!!fishing
The longer your password is, and the more character classes it mixes, the better protected you are. My passwords are typically 20+ characters made up from things around me, and then I substitute in characters. Here is an example password: I am looking at a cookbook I got for Christmas called “Favorite Italian Recipes”. I would turn that into “F4v0r1t3_iTA1ian##$%_r3ci[p]ez”, which might seem like a lot, but in reality you can type a 20-character password in about 1-2 seconds, and it is just as easy to remember as “123456” after doing it 100+ times.
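The "do not" guidelines above, written as a checker. This is an added example, not part of the original post; the small word list, the look-alike mapping, the four-character run length and the function names are assumptions made for illustration.

```python
import re

# Constructed sample list; a real check would load a large list of breached passwords.
COMMON = {"password", "rockyou", "michael", "texas", "television", "bottle"}
# Digit, alphabet and keyboard-row runs used to spot sequential characters.
SEQUENCES = ["0123456789", "abcdefghijklmnopqrstuvwxyz",
             "qwertyuiop", "asdfghjkl", "zxcvbnm"]
# Look-alike substitutions (assumed mapping) undone before the dictionary check.
LEET = str.maketrans("01345@$!|", "oieasasli")


def char_classes(pw):
    """Count the character classes used: lower, upper, digit, special."""
    patterns = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")
    return sum(bool(re.search(p, pw)) for p in patterns)


def has_sequence(pw, run=4):
    """True if pw has `run` characters that repeat or follow a known sequence."""
    low = pw.lower()
    for i in range(len(low) - run + 1):
        chunk = low[i:i + run]
        if len(set(chunk)) == 1:
            return True
        if any(chunk in s or chunk in s[::-1] for s in SEQUENCES):
            return True
    return False


def check_password(pw, personal=()):
    """Return the 'do not' guidelines that pw violates (empty list = none)."""
    low = pw.lower()
    problems = []
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    # A substituted single word still matches once the look-alikes are undone.
    if low in COMMON or low.translate(LEET) in COMMON:
        problems.append("single dictionary word or name")
    if has_sequence(pw):
        problems.append("sequential or repeated characters")
    if any(p and p.lower() in low for p in personal):
        problems.append("contains personal information")
    return problems


if __name__ == "__main__":
    for candidate in ("television", "t3L3v|S|0n", "qwerty", "phonetoiletdistrict"):
        print(candidate, char_classes(candidate), check_password(candidate))
```

The checker reports t3L3v|S|0n as a single dictionary word even though it uses four character classes, because the dictionary comparison is done after the substitutions are reversed.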