The internet is a dangerous place these days. It seems every week a large network like Plenty of Fish, Lush or Playstation Network falls victim to a major security breach. If large companies like that struggle with the tenacity of hackers and their ever evolving tools, it hardly bodes well for the average internet user. But there are ways in which we can protect ourselves, the most overlooked (and probably the simplest) of which is learning how to create a strong password.
One study estimated that the same 25 passwords were used by 13,411 separate Gawker accounts. If that many people have the same password, it seems pretty likely that malicious internet users might catch on. The passwords used the most often are also the most obvious, including such gems as 123456, qwerty, 111111, and starwars.
Simple, easy-to-guess passwords like this are to be avoided at all costs. It’s also important to avoid including any personal information, such as a street address or a spouses name in your password. These personal details are often traceable and can be used to narrow down password choices.
In fact, the more complex the password, the better. If a password is 15 characters long, adding one more character can strengthen the password significantly, making it as much as 90 times more secure. Longer passwords are preferable because they take more time and more processing power to decipher.
Your password should be long, but it should also be diverse. Microsoft recommends the inclusion of as many character types as possible. Lowercase and uppercase letters, combined with numbers and symbols create more secure passwords because they increase the possibilities that must be worked through to crack the password. Words should be avoided, as they can be more easily detected than random characters.
The ideal password, then, consists of a lengthy and random variation of symbols, letters, and numbers. It should also be completely unmemorable, which obviously poses some problems. And to make it all the more difficult, most experts suggest that no password should be used more than once.
Certainly, it’s tempting to reuse passwords, especially when creating a new password can be difficult. But the more a password is used, the more likely it is that it will be broken. Once it has been cracked in one location, every other bit of personal information that the password protects is under threat. It’s not uncommon for cyber-criminals to leapfrog from one personal account to another, taking advantage of duplicated passwords.
And so we arrive at the disturbing reality that an ideal password is unique, complex, long, and unmemorable. How can we avoid becoming overwhelmed by the task of trying to keep all of these passwords straight in our head?
The best solution may be to rely on a password manager, like LastPass, 1Password or Keypass. These tools keep track of your numerous passwords for you, only asking you to remember a single master password. These tools are free, and are easy to use, making them a valuable weapon against malicious users.
To recap, longer, more complex passwords are better. Personal information should never be included in a password. Each password should be unique, and password managers help you to avoid having to remember each of your numerous passwords.