Thursday, 8 October 2009

WhyNotSmile Guide To Choosing A Good Password

You know that WhyNotSmile is looking out for you all, all of the time, and so it was with a certain amount of concern that I read yesterday that the most common password among a load nicked from Gmail/Hotmail/Yahoo/or something was '123456'. Other frequently used passwords include 'password', 'hello' and 'secret'. I mean, seriously, people, you need to do better than this. This is your identity we're talking about here, your emails, your photos, your secure personal data and your bank details. It's about time you all started taking password selection with the appropriate gravity.

And so I am pleased to present the WhyNotSmile Guide To Choosing A Good Password.

Section 1: What makes a good password?
A good password has 2 elements:
1. It must be secure
Words are not secure. How it works, you see, is that if you're trying to hack into someone's account, you get a computer and a dictionary, and you get the computer to keep trying to log in with each word in the dictionary in turn. A surprising number of people use only words for their password. Or they use their children's names, but these can easily be hacked in a similar way.
Short passwords are not very secure. g5, for instance, is not a word, but it's hardly rocket science to guess.
Combinations of letters and numbers are more secure. And if you add in some punctuation, it becomes even more secure. But some things you might sign up to will not allow you to use punctuation. So a password like 'x5t67!h1' is quite secure.
This, however, brings us to point 2:
2. You must be able to remember it
There is no point in outwitting yourself. Nor is there a lot of point in having a password so complicated that you need to keep it written down beside your computer all the time. So it needs to be something you will remember.

Section 2: Methods for generating good passwords
You can get things that will generate a password for you; these tend to be good on security and poor on rememberability. Fortunately, WhyNotSmile has some suggestions. In this section, we will look at how you can generate a 9-character password. For most things, this will be secure enough, but if you work for the FBI, you want to treat it as an introduction and extrapolate a little.

Step one: get 6 random letters of the alphabet. These can be anything, as long as you remember where they came from. Suppose you choose a song you like, and take the first letter of each of the first 6 words: taenat, for instance. Or, choose your grandparents' and parents' first names and take the final letter of each: nmdass. It doesn't really matter, as long as you remember what you did.

Step two: choose 2 random numbers. For example, take the final 2 digits of your parents' phone number: 46. Perhaps reverse them.

Step three: choose your favourite punctuation: _

Step four: combine them in some way that you will remember: ta46en_at for instance.

Now you have generated your own password which you can remember, and which is more secure than 'welcome'.

So don't come crying to me if someone steals your identity.
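The checks from Section 1 (not a dictionary word, not short, more than one kind of character), run over the passwords mentioned in this post. This is an added example, not part of the original post; the word list is a constructed sample and the minimum length of 8 is an assumption.

```python
import math
import string

# Constructed sample list: the weak passwords named in the post. A real check
# would load a full dictionary or breached-password list instead.
COMMON = {"123456", "password", "hello", "secret", "welcome"}
MIN_LENGTH = 8  # assumption: the post gives no number, only that 'g5' is too short
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def alphabet_size(pw):
    """Number of symbols a brute-force search must cover for this password."""
    return sum(len(cls) for cls in CLASSES if any(c in cls for c in pw))


def brute_force_bits(pw):
    """Upper bound on guessing cost: length * log2(alphabet size).

    It assumes every character was picked at random; characters taken from
    song titles or phone numbers are worth less than this figure.
    """
    size = alphabet_size(pw)
    return len(pw) * math.log2(size) if size else 0.0


def check(pw):
    """Return the Section 1 problems found; an empty list means it passes."""
    problems = []
    if pw.lower() in COMMON:
        problems.append("dictionary word")
    if len(pw) < MIN_LENGTH:
        problems.append("too short")
    kinds = (string.ascii_letters, string.digits, string.punctuation)
    if sum(any(c in k for c in pw) for k in kinds) < 2:
        problems.append("single character class")
    return problems


if __name__ == "__main__":
    for pw in ("123456", "welcome", "g5", "x5t67!h1", "ta46en_at"):
        print(f"{pw!r:12} {brute_force_bits(pw):5.1f} bits  {check(pw) or 'ok'}")
```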


Anonymous said...

i cannot think of any songs that have 6 words in the title. please can you assist?.....

Anonymous said...

oops, i followed your suggestions but my parents have now moved and i can't access anything - HELP

whynotsmile said...

Head and Shoulders Knees and Toes

whynotsmile said...

I'm laughing at you now