What makes a good online password?

You’ve seen them many places on the Internet:  “Create your password fields.”

They all have different criteria.  Some want a length of 8, while others only 7.  Some require you to have a number or symbol, or both.  So why would you need to have a symbol or a number in your password?  Is there a secret to the length?  What is a dictionary attack?  Now I want to keep this pretty basic, so I won’t get too techy on you. 

A dictionary attack sounds like it’s limited to words from a dictionary.  It can be, but it goes a lot deeper than that.  For starters, it sounds logical that if I use the word “love”, it falls into this category.    A dictionary isn’t where an actual dictionary like Webster’s is used. It’s more like a list or index of words that it’s being compared to.   Someone could have a huge database of words which it can rule out by comparing each entry with your password.

Adding additional characters decreases the likelihood of your password ending up in somebody’s dictionary.  The regular U.S. English alphabet has 26 characters; a-z.  Most systems recognize the difference between lower and upper case.  So now we have A-Z and a-z.  Adding numbers, adds 10 more, and adding various combinations of symbols … well you get the point.

Educating people about passwords help… a lot!  However, while we are confident that we have chosen our unbreakable password, we can’t forget about the often overlooked hacking technique:  Social Engineering.   What is this?  Simply put, I will try to find your password by asking you random questions, looking for sticky notes under your keyboard, or in your drawer.  It’s the process of using communication and good ol’ fashioned detective work.   I think most people understand that the name of your pet, or spouse is NOT a good password.  How easy is it to find out your mother’s maiden name, a dog’s name or your first born?  You would be surprised at how many people have their password on a sticky note applied to the bottom of their keyboard.  Also, another thing that’s not uncommon is a password that is visible while sitting at the computer, e.g., brand of monitor or keyboard, a word on a poster or calendar.  Overlooked things like this make it possible for people to gain access to your computer or websites you’re registered on.

Back to the subject.  What makes a good password?  We know eventually all passwords can be broken.  That is no secret.  Changing it often helps.  Here are some tips:

  • Use at least 7 characters.  Some say 8, but 7 is sufficient for most things in my opinion if you use a good variation.
  • Do not include your name, username, company name
  • Do not use “123” just to satisfy the rule of using numbers.  E.g. mygirl123
  • Use a combination of upper and lower case letters numbers and symbols (!@#$%^)
  • Use L337 if necessary.  Wait!  What is L337?  Some refer to it as leet (elite) speak, or teen chat code.  For example, I use the word “greatscott”  I could use Gr347$coTt or Gr34TSC0T.  You can see the pattern. Zero for O, 1 for L or I. etc.
  • Use a different type of obfuscation, for example,  replace vowels with the number of the alphabet.  Gr21tSc44t.  AEIOU = 12345

Now, I’ve only listed a few easy ways to create a good password.  Whatever pattern you use or create, remember it.  Remember the pattern and it will help you remember the password.  A password isn’t any good if you can’t remember your own!

This entry was posted in Email for Kids, Internet Safety and tagged , , . Bookmark the permalink.

Leave a Reply