Passwords

The most secure password is one you don't have to write down. Although this advice sounds trite, it is often ignored. Many sites demand passwords so complicated that they have to be written down. Although 7#Az)e3]qP2v seems the height of security, it might as well be 1234, as it will have to be written down somewhere near the computer. Many of the best hackers/crackers use what Kevin Mitnick called 'social engineering'; that is, they get the password from the user.

Walking into an office and seeing a Post-it near a monitor with something like K6$a05(3frpe on it is an instant alert: 'Secret Base 1 Mile ->'. But what else can be done with a password so complex the human brain cannot memorise it easily? Of course, in offices with that kind of security the password changes frequently. Not that it does any good, as the chap who delivers the pizza or cleans the floor is going to see it and copy it.

As passwords are the first line of defense, if not the only one, that most users have, one can see the danger of creating a password that cannot be recalled easily enough to type as quickly as one's own name.

So the first rule is to select a password you can remember.

The second rule is that it shouldn't be so easy as to be guessed. For example, on the desk is a picture of a dog called Bingo. Anyone who would try to hack your computer will grab that name as their first choice. If that doesn't work, then it's 1234. If that doesn't do it, your name, your birthday, your spouse or children are the next tries.

After that (or before that, if you are a well-known fan of a sporting team, in which case the team's name or nickname is tried) come your interests. Hence 'Gunner' if I know you follow Arsenal.

If those don't work, the hacker will move on.   Someone else will have an easily crackable password.

Hence, you pick an easy-to-remember password which in no way connects to you.

Let us take an everyday word: umbrella. On its own it seems unlikely to be guessed (unless you have an umbrella in direct view of your workstation). Simply change a letter to a number: umbr3lla. That's pretty easy for you to recall and is fairly strong.

It is far harder for even the greatest cracker to guess umbr3lla than for the pizza guy to know that K6$a05)3frpe is your password.
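The second rule can be turned into a self-check when choosing a password. The following is an added example, not part of the original article: it flags a candidate that is a common password or contains one of your personal facts, even after simple letter-to-number swaps are undone. The sample facts, the short common-password list and the swap table are assumptions made for illustration.

```python
import re

# Assumption: a tiny stand-in for a real common-password list.
COMMON = {"1234", "123456", "password", "qwerty"}

# Assumption: the simple character swaps undone before comparing
# (0->o, 1->i, 3->e, 4->a, 5->s, 7->t, $->s, @->a).
SWAPS = str.maketrans("013457$@", "oieastsa")


def normalise(text):
    """Lower-case, undo the swaps above, and keep letters only."""
    return re.sub(r"[^a-z]", "", text.lower().translate(SWAPS))


def connections(password, facts):
    """List the ways a password connects to its owner.

    facts maps a label ("pet") to a value ("Bingo"). An empty result
    means no connection was found among the facts supplied.
    """
    found = []
    if password.lower() in COMMON:
        found.append("common password")
    letters = normalise(password)
    digits = re.sub(r"\D", "", password)
    for label, value in facts.items():
        # Words of three or more letters, compared after undoing swaps.
        words = [normalise(w) for w in re.findall(r"[A-Za-z]{3,}", value)]
        # Numbers of four or more digits, plus all digits run together.
        numbers = [n for n in re.findall(r"\d+", value) if len(n) >= 4]
        joined = re.sub(r"\D", "", value)
        if len(joined) >= 4:
            numbers.append(joined)
        if any(w in letters for w in words) or any(n in digits for n in numbers):
            found.append(label)
    return found


# Constructed sample facts, following the article's guessing order.
FACTS = {"pet": "Bingo", "name": "Alex Morgan",
         "birthday": "14/03/1985", "team": "Arsenal Gunner"}

if __name__ == "__main__":
    for candidate in ["B1ngo", "1234", "Gunner", "m0rgan1985", "umbr3lla"]:
        print(candidate, "->", connections(candidate, FACTS) or "no connection found")
```

An empty result only means the password does not match the facts you listed; it does not measure the password's strength.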

 

2 Comments

Written by intellifax, 451 days ago.
I agree...I have started adding numbers into my passwords. Very well written and easy to understand. Thank you Jaye.
Written by Jaye, 451 days ago.
I once joined a free online storage site and the password was so complex that I didn't bother. It's no sense. For most things an easy to recall password with an odd twist...such as adding numbers or even a mispelling (I deliberately misspelled that word for effect)