Most companies and universities have password policies in place that enforce complexity requirements. But do you have a good policy you use for your personal accounts? You should create good strong passwords for any accounts you access – your email, eBay, online merchants, your personal finance file on your system, etc.
When creating your password, it should:
- Be at least 8 characters long, but be easy to remember (more on this in a second).
- Contain at least one capital letter, a digit, and a special character along with the lower case letters. Some web sites may not allow special characters (shame on them!!), so be creative with more digits (preferably) or capital letters.
- Not be built from a dictionary word or any name – including character substitution!! For example, password is obviously a BAD password, but P@ssw0rd is also a bad password. Hacking utilities would have this figured out in very little time.
- Not contain sequences, patterns, or repeated characters, for example 123, 111, qwerty, etc.
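The rules above can be checked mechanically. The following is an added example, not code from the original post: it tests a candidate against each rule, including undoing character substitutions before the dictionary lookup, which is why P@ssw0rd fails. The wordlist, substitution map and function names are assumptions made for illustration.

```python
import re

# Constructed sample wordlist (assumption); a real check needs a large dictionary
# plus names, as the list above asks.
WORDLIST = {"password", "letmein", "dragon", "monkey", "qwerty", "fido"}
# Undo common character substitutions before the dictionary lookup (simplified map).
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "1": "l", "!": "i",
                      "3": "e", "$": "s", "5": "s", "7": "t"})
KEYBOARD_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm")


def dictionary_hit(pw):
    """Return a wordlist entry hidden in pw after undoing substitutions, else None."""
    plain = re.sub(r"[^a-z]", "", pw.lower().translate(LEET))
    return next((w for w in sorted(WORDLIST) if w in plain), None)


def has_run(pw, length=3):
    """True for repeated characters (111), sequences (123, cba) or keyboard runs (qwe)."""
    low = pw.lower()
    for i in range(len(low) - length + 1):
        chunk = low[i:i + length]
        steps = {ord(b) - ord(a) for a, b in zip(chunk, chunk[1:])}
        if steps == {0} or (steps in ({1}, {-1}) and chunk.isalnum()):
            return True
        if any(chunk in row or chunk[::-1] in row for row in KEYBOARD_ROWS):
            return True
    return False


def check(pw):
    """Return the rules from the list above that pw breaks (empty list = passes)."""
    problems = []
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    classes = {"lower case letter": r"[a-z]", "capital letter": r"[A-Z]",
               "digit": r"\d", "special character": r"[^A-Za-z0-9]"}
    problems += [f"no {name}" for name, rx in classes.items() if not re.search(rx, pw)]
    word = dictionary_hit(pw)
    if word:
        problems.append(f"built from dictionary word '{word}'")
    if has_run(pw):
        problems.append("contains a sequence or repeated characters")
    return problems


if __name__ == "__main__":
    for candidate in ("password", "P@ssw0rd", "Xk7#qwerty", "Gv7#kPw2"):  # constructed samples
        print(candidate, "->", check(candidate) or "passes")
```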
So I mentioned making your password at least 8 characters. I tend to like to make them 8 characters exactly. Perhaps this is because of my past experience using UNIX systems, where only the first 8 characters were significant (standard UNIX would ignore anything after 8 characters), but I also think 8 characters would be easier for most to remember. What you don’t want is to have to write the password down; it should be something you can commit to memory.
So given the rules, how do you actually create a good password? Think of a phrase seven to eight words long, and then use the beginning of each word to build your password, mixing up the capitals, symbols, and digits. If you use seven words, you can use punctuation as the last character. If you can easily remember a longer phrase and the password you create from it, certainly go for it. Some examples (don’t use these for yourself, though):
Phrase: I found the Science Attic really useful today
Phrase: My dog Fido is the best dog!
Phrase: Firefox is a great internet browser to use
So you get the idea. And you can get really creative with this. 🙂 So have a little fun with it, while keeping your accounts that much more secure.