Digital Forge > web design & video production.

Secure passwords


It seems that every online service requires you to remember yet another password. The problem is that people can't easily memorize truly strong passwords, which are usually lengthy random strings of characters and numbers.

Here are some simple techniques and guidelines which can increase the security of your passwords while making them easier to remember.

Basic password rules

A good password should:

  • contain a minimum of 8 characters.
  • mix upper and lower case characters.
  • include numbers and punctuation if possible.
  • be easy to remember so you don't have to write it down.

Your password shouldn't be or contain a real word, phone number or birth date, or be written on a sticky note attached to your monitor.

Easy to remember passwords

A nonsense set of letters, numbers and punctuation makes the most secure password but is also the most difficult to remember.

A simple technique to generate easy-to-remember but secure passwords is to choose a line from a song, quote, poem or movie and make a password using the first letter of each word. Choosing a phrase that has special significance to you makes it easy to remember, and combining it with some capitalisation and simple substitution of letters to numbers can form the basis for a secure password.

The simple solution to the "hard-to-remember safe password" problem is to convert an easily remembered phrase into a password. Choose a line from a song, quote, poem or movie which has special significance to you and make a password using the first letter of each word. Combined with some capitalisation and simple substitution of letters to numbers, this can form the basis for a secure password. Then you just have to remember the phrase.

For example, taking the first letters of the phrase "A bird in the hand's worth two in the bush" would give 1bitHw2itB.

Some words have been converted to numbers, and when you throw in a couple of capital letters this is a strong but easy-to-remember 10-character password.
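
The conversion above, written out as a short Python script and checked against the basic password rules (an added example, not part of the original article). The function names and the number-word table are assumptions; the capitalised word positions are chosen to reproduce 1bitHw2itB.

```python
import string

# Assumed substitution table: the article only shows "A" -> 1 and "two" -> 2.
NUMBER_WORDS = {"a": "1", "one": "1", "two": "2", "three": "3", "four": "4",
                "five": "5", "six": "6", "seven": "7", "eight": "8", "nine": "9"}


def phrase_to_password(phrase, capitalise=()):
    """First letter of each word; number words become digits.

    capitalise holds 0-based word positions whose letter is upper-cased.
    """
    out = []
    for i, word in enumerate(phrase.split()):
        key = word.lower().strip(string.punctuation)
        if not key:
            continue  # a "word" made only of punctuation contributes nothing
        ch = NUMBER_WORDS.get(key, key[0])
        out.append(ch.upper() if i in capitalise else ch)
    return "".join(out)


def check_basic_rules(password):
    """Evaluate the rules from 'Basic password rules' that can be tested mechanically."""
    return {
        "min_8_chars": len(password) >= 8,
        "mixed_case": (any(c.islower() for c in password)
                       and any(c.isupper() for c in password)),
        "has_number": any(c.isdigit() for c in password),
        "has_punctuation": any(c in string.punctuation for c in password),
    }


if __name__ == "__main__":
    phrase = "A bird in the hand's worth two in the bush"
    # Positions 4 ("hand's") and 9 ("bush") are the capitals in the article's result.
    pw = phrase_to_password(phrase, capitalise={4, 9})
    print(pw)
    for rule, ok in check_basic_rules(pw).items():
        print(f"{rule}: {'ok' if ok else 'missing'}")
```

The only rule the result misses is punctuation, which the rules list as "if possible".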

This seemingly random password would be good for low and medium risk online services. For higher risk services I would choose a longer phrase and add some punctuation characters.

Rate the risk

Having the same password for your online photo gallery as your online shopping and banking services is potentially hazardous because all your information becomes vulnerable if your password is discovered.

Minimise the damage someone can do if they discover a password by grading online services into high, medium and low risk categories and having a different password for each level.

Services like online photo galleries where the damage malicious users can do is minimal would be low risk.

Medium risk involves services like Facebook or other social networking or blogging sites where people could cause embarrassment or worse by impersonating you.

I would suggest that anything involving finances like online shopping and banking should be included in your high risk category.

Of course, even the most secure password is useless if you write it on a sticky note attached to your monitor. Keep your passwords secure and confidential.