Needless to say that passwords should be strong to keep your information safe and hence yourself! Everybody knows how important it is to keep the passwords safe and secured. While this should be mostly taken care of at the service provider side like emailing, etc., it is also users’ responsibility to create strong and well-built passwords and hence achieve the security together. It is strongly recommended that your passwords should contain all types of characters, this article would provide you the detailed version of creating strong passwords. A password meeting the above requirement may not be secured all the time. For example, AAAaaa111! Is that a strong password? Not indeed. Following tips would help you create stronger passwords to keep your world safe.
The lengthy the passwords the stronger are they. Each character you add to the password increases its strength several times over. Minimum length should be 8 characters. 14 and above are considered strongest and ideal. Making length passwords and remembering them is comfortable when the systems allow you include the blank spaces in the passwords. This then becomes the pass phrase.
Letters, numbers and symbols:
Variety of characters would obviously make the passwords strong and harder to guess. Can’t remember complex passwords containing symbols? You may use just alphabets and numbers to create the passwords, however these passwords have to be longer. A 15-character long password composed of only characters and numbers is 1000s time stronger than a 8-character long password composed from the entire keyboard. If you really want to create no-symbols passwords, you have to make sure that the passwords are sufficiently longer. However, it is always recommended to include the symbols.
Make use of entire keyboard:
Instead of using the common symbols and characters, try making use of other symbols also. Passwords created holding the shift key and following a sequence on keyboard are not much stronger. Though any password strength checker would give it nice protection score, it would not be normally that secured and hacker might discover it after multiple attempts. Use words or phrases that are easier for you to remember but harder for others to guess.
Convert a pass phrase into a password:
If your system doesn’t allow you to use spaces, no worries, you can convert the pass phrase to a password by following the below steps:
- Think of a statement or a phrase that you can remember but others can’t guess. Example – I love my life like crazy
- Try to spell the words in the phrase into some non-sensible words like Love can be spelled as luv, life as lyef, like as lyk, etc. So you have – I luv my lyef lyk krazee
- Add complexity by finding the letters that can be converted into symbols or numbers and Capitalize the first character of the alternate words. Example – ! 1uv my Lyef lyk Kraz33
- Join the words (remove the spaces) Example – 1uvmyLyeflykKraz33
- Check your password’s strength using Microsoft Password Checker tool provided by Microsoft. Using the Microsoft Password Checker, the result for the above password is BEST!
Things to avoid while creating passwords:
- Avoid sequences or repeated characters. Example – abcdefg, bbbbbbb, 123456 or adjacent characters on your keyboard.
- Avoid using only look-alike (100k-a1!k3) substitutions of numbers or symbols. The hackers are sometimes smart enough to replace these common characters with corresponding numbers or symbols as done for "look-alike". However, they can be fooled by misspellings, length, case variations, etc.
- Avoid using your login name, first or second name, birthdate, your city, etc in the passwords.
- Avoid dictionary words in any language. The hackers can use software to generate the common misspellings, reversed sequence of the characters, common substitutions.
- Avoid storing the passwords online.
- Do not provide login information at non trusted sites. People may create user accounts while registering on some site providing the same username and password as that of the email account also providing the same email ID. Example – A user with email id email@example.com with password xyz@123 creates account on some www.pqr.com with username xyz and password xyz@123 and providing firstname.lastname@example.org as an email id for communication. This puts the user’s email account at a huge risk unless www.pqr.com is very much trusted.