Passwords: we all use them. Every site that requires a login, the computer at work, our e-mail accounts: they all require passwords. I am often amazed by how ignorant some people are when it comes to a proper password. How often do you hear about a celebrity whose account has been hacked because their password was their daughter’s birthday, something you can easily look up on the Internet? Or how many people use passwords like ‘password’, ‘qwerty’, ‘abc123’ and more?
Well, like all of you, I also use passwords, and as a web developer I have many accounts which require logins. So let me give you some pointers on how you can use safe and proper passwords.
Never use the same password twice!
This one is pretty obvious, but not to everyone. A lot of people use the same password for all their services. Sure, it’s easy to remember, but once one account has been hacked, the attacker can easily get into all other services where you’ve used that password. But now I hear you whine: “I can’t possibly remember all kinds of different passwords for the different sites I visit!?!”. Well, to give you a short answer: Yes you can:
Create different passwords that are easy to remember
It’s very easy to make a strong password which is easy to remember. You just have to think of it in three parts:
- A part which is easy for you to remember; this could be the password you have been using all along. It would be wise to also include an uppercase letter and a number in this part, since some sites require your password to match these conditions. For this example, let’s pretend that this part is ‘Foobar1337’.
- Next up, let’s use a non-alphanumeric character, but I wouldn’t recommend using a high-ASCII character. I once included an upside-down question mark (¿) in my password, but this can become tricky when trying to log in on another OS or mobile device. For our example, let’s say we use a hash character: ‘#’.
- Last but not least, and this is where the magic happens, let’s create a part which is unique for the domain you’re on. I’ll give you some examples:
Include part of the domain name in the password
For example, say you’re on twitter.com. You could:
- Take the name of the website ‘twitter’.
- Take the first two characters of the domain name: ‘tw’
- Or the last three: ‘ter’
- Or the first and the last character: ‘tr’
- Hey! Let’s just include the top-level domain with that: ‘tw.com’, ‘ter.com’, ‘tr.com’.
- …or even reverse it: ‘moc.wt’ or ‘tw.moc’.
- Throw in some uppercase here and there: ‘TW’ or ‘TR.COM’.
As you might have noticed, the above rules already could have created a bunch of passwords:
The possibilities are endless, and the only thing you need to remember is the static part of your password and the ‘algorithm’ of the last part. This makes it very easy for you to create a unique password for each site you visit, without having to remember 1001 different passwords, because you actually still have to remember just one.
Oh, and for the first part I’d like to point you to this comic:
Indeed, simple passwords are more difficult to hack and easier to remember. Another interesting read-up is the password haystack calculator from Gibson Research Corporation. It states that a password like ‘fG#8_R2@Qwz’ (10 random characters) is way easier to brute-force than a password like ‘..............................1’ (30 dots followed by a one). Which one do you think is easier to remember?
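To make the haystack comparison concrete, here is an added example (not code from this article or from Gibson Research Corporation) that counts the brute-force search space for both strings. It assumes the model such a calculator uses: the alphabet is the sum of the printable-ASCII character classes a password draws from, and the search space is every candidate up to the password's length; the function and constant names are made up for illustration.

```python
import string

# Printable-ASCII character classes (26 + 26 + 10 + 33 = 95 characters).
CLASSES = {
    "lower": set(string.ascii_lowercase),
    "upper": set(string.ascii_uppercase),
    "digit": set(string.digits),
    "symbol": set(string.punctuation) | {" "},
}

def alphabet_size(password):
    """Sum the sizes of every character class the password draws from."""
    known = set().union(*CLASSES.values())
    stray = [c for c in password if c not in known]
    if stray:
        # e.g. the upside-down question mark: outside the modelled classes
        raise ValueError(f"characters outside printable ASCII: {stray!r}")
    return sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in password))

def search_space(password):
    """Candidates of length 1..len(password) over that alphabet.

    Models blind exhaustive search only, not pattern or dictionary guessing.
    """
    n = alphabet_size(password)
    return sum(n ** k for k in range(1, len(password) + 1))

RANDOM_LOOKING = "fG#8_R2@Qwz"   # first example string from the article
PADDED = "." * 30 + "1"          # 30 dots followed by a one

if __name__ == "__main__":
    for pw in (RANDOM_LOOKING, PADDED):
        print(f"{pw!r}: length {len(pw)}, alphabet {alphabet_size(pw)}, "
              f"search space ~{search_space(pw):.2e}")
```

Length dominates here: the padded string uses a smaller alphabet (digits and symbols only) but its extra characters multiply the search space far more than the wider alphabet of the shorter string does.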