Guidelines For Creating Strong Passwords

It's been a while since I wrote a security article. Today I will be sharing some guidelines for creating strong passwords. This article was originally written by lockdown.co.uk and has been modified by me.
Choosing the right password is something that many people find difficult. So many things require passwords these days that remembering them all can be a real problem. Because of this, a lot of people choose their passwords very badly. The simple tips given below are intended to assist you in choosing a good password.


The following are some guidelines for creating a strong password.

Basics
  • Use at least eight characters. The more characters the better, but most people will find anything more than about 15 characters difficult to remember.
  • Use a random mixture of characters, upper and lower case, numbers, punctuation, spaces and symbols.
  • Don't use a word found in a dictionary, English or foreign.
  • Never use the same password twice.

Things to avoid
  • Don't just add a single digit or symbol before or after a word, e.g. "apple1".
  • Don't double up a single word, e.g. "appleapple".
  • Don't simply reverse a word, e.g. "elppa".
  • Don't just remove the vowels, e.g. "ppl".
  • Don't use key sequences that can easily be repeated, e.g. "qwerty", "asdf" etc.
  • Don't just garble letters, e.g. converting e to 3, L or i to 1, o to 0, as in "z3r0-10v3".

Tips
  • Choose a password that you can remember so that you don't need to keep looking it up; this reduces the chance of somebody discovering where you have written it down.
  • Choose a password that you can type quickly; this reduces the chance of somebody discovering your password by looking over your shoulder.

Bad Passwords
  • Don't use passwords based on personal information such as: name, nickname, birth date, wife's name, pet's name, friend's name, home town, phone number, social security number, car registration number, address etc. This includes using just part of your name, or part of your birth date.
  • Don't use passwords based on things located near you. Passwords such as "computer", "monitor", "keyboard", "telephone", "printer", etc. are useless.
  • Don't ever be tempted to use one of those common passwords that are easy to remember but offer no security at all, e.g. "password", "letmein".
  • Never use a password based on your user name, account name, computer name or email address.
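The "Things to avoid" and "Bad Passwords" lists above can be turned into an automated check. The following is an added example, not part of the original article; the word list is a small constructed sample and the function and tag names are assumptions made for illustration.

```python
import re

# Constructed sample word list; a real check would load a full dictionary file.
WORDS = {"apple", "password", "letmein", "computer", "monitor", "keyboard",
         "telephone", "printer", "zero", "love", "indescribable"}
KEY_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890")
DEVOWELED = {re.sub(r"[aeiou]", "", w) for w in WORDS}


def unleet(text):
    """Undo the swaps the article lists: 3->e, 0->o, 1->l or i."""
    base = text.translate(str.maketrans("30", "eo"))
    return {base.replace("1", "l"), base.replace("1", "i")} - {text}


def all_words(text):
    """True if every letter run in `text` is a dictionary word."""
    parts = [p for p in re.split(r"[^a-z]+", text) if p]
    return bool(parts) and all(p in WORDS for p in parts)


def weaknesses(password, personal=()):
    """Return a tag for each guideline the password breaks (empty list = none found)."""
    low = password.lower()
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", low)  # strip non-letters at both ends
    doubled = re.fullmatch(r"(.+)\1", low)
    checks = [
        ("too-short", len(password) < 8),
        ("dictionary-word", low in WORDS),
        ("word-plus-affix", core != low and core in WORDS),
        ("doubled-word", bool(doubled) and doubled.group(1) in WORDS),
        ("reversed-word", low[::-1] in WORDS),
        ("vowels-removed", low in DEVOWELED),
        ("key-sequence", any(row[i:i + 4] in low
                             for row in KEY_ROWS for i in range(len(row) - 3))),
        ("digit-for-letter", any(all_words(v) for v in unleet(low))),
        # `personal` holds strings such as the user name or a relative's name.
        ("personal-info", any(p and (p.lower() in low or p.lower() in low[::-1])
                              for p in personal)),
    ]
    return [tag for tag, hit in checks if hit]


if __name__ == "__main__":
    for pw in ("apple1", "appleapple", "elppa", "ppl", "qwerty", "z3r0-10v3"):
        print(f"{pw!r}: {weaknesses(pw)}")
    print(weaknesses("fred8", personal=("fred",)))
```

An empty result only means none of these patterns matched; it does not show that a password is strong.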

Choosing a password
  • Use good password generator software.
  • Use the first letter of each word from a line of a song or poem.
  • Alternate between one consonant and one or two vowels to produce nonsense words, e.g. "taupouti".
  • Choose two short words and concatenate them together with a punctuation or symbol character between the words, e.g. "seat%tree".
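Three of the methods above (generator software, consonant/vowel nonsense words, two words joined by a symbol) are sketched below using Python's `secrets` module, which draws from the operating system's cryptographic random source. This is an added example, not part of the original article; the eight-word list is a constructed sample, and the last function reports how many equally likely outputs each method has, expressed in bits.

```python
import math
import secrets
import string

SYMBOLS = string.ascii_letters + string.digits + string.punctuation  # 94 characters
CONSONANTS = "bcdfghjklmnpqrstvwxz"
VOWELS = "aeiou"
VOWEL_PARTS = list(VOWELS) + [a + b for a in VOWELS for b in VOWELS]  # one or two vowels
# Constructed sample list; a real list needs thousands of words to be useful.
SHORT_WORDS = ["seat", "tree", "lamp", "rock", "fish", "bell", "moon", "card"]


def random_password(length=15):
    """Every character drawn independently from letters, digits and punctuation."""
    return "".join(secrets.choice(SYMBOLS) for _ in range(length))


def nonsense_word(syllables=4):
    """Consonant + one or two vowels, repeated (the "taupouti" pattern)."""
    return "".join(secrets.choice(CONSONANTS) + secrets.choice(VOWEL_PARTS)
                   for _ in range(syllables))


def two_words():
    """Two different short words joined by a punctuation mark ("seat%tree")."""
    first = secrets.choice(SHORT_WORDS)
    second = secrets.choice([w for w in SHORT_WORDS if w != first])
    return first + secrets.choice(string.punctuation) + second


def guess_space_bits(length=15, syllables=4):
    """log2 of how many equally likely outputs each generator above can produce."""
    per_syllable = len(CONSONANTS) * len(VOWEL_PARTS)
    pairs = len(SHORT_WORDS) * (len(SHORT_WORDS) - 1)
    return {
        "random_password": length * math.log2(len(SYMBOLS)),
        "nonsense_word": syllables * math.log2(per_syllable),
        "two_words": math.log2(pairs * len(string.punctuation)),
    }


if __name__ == "__main__":
    for make in (random_password, nonsense_word, two_words):
        print(make.__name__, make())
    print({name: round(bits, 1) for name, bits in guess_space_bits().items()})
```

With these sample settings the fully random password has by far the largest number of possible outcomes, and the two-word method depends almost entirely on the size of the word list.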

Changing your password
  • You should change your password regularly; I suggest once a month is reasonable for most purposes.
  • You should also change your password whenever you suspect that somebody knows it, or even that they may guess it. Perhaps they stood behind you while you typed it in.
  • Remember, don't re-use a password.

Protecting your password
  • Never store your password on your computer except in an encrypted form. Note that the password cache that comes with Windows (.pwl files) is NOT secure, so whenever Windows prompts you to "Save password", don't.
  • Don't tell anyone your password, not even your system administrator.
  • Never send your password via email or other unsecured channel.
  • Yes, write your password down, but don't leave the paper lying around; lock the paper away somewhere, preferably off-site and definitely under lock and key.
  • Be very careful when entering your password with somebody else in the same room.

Remembering your password
Remembering passwords is always difficult and because of this many people are tempted to write them down on bits of paper. As mentioned above this is a very bad idea. So what can you do?
  • Use a secure password manager, see the downloads page for a list of a few that won't cost you anything.
  • Use a text file encrypted with a strong encryption utility.
  • Choose passwords that you find easier to remember.


Bad Examples
  • "fred8" - Based on the user's name, also too short.
  • "christine" - The name of the user's girlfriend, easy to guess.
  • "kciredref" - The user's name backwards.
  • "indescribable" - Listed in a dictionary.

Good Examples
None of these good examples are actually good passwords. That's because they've been published here and everybody knows them now. Always choose your own password; don't just use somebody else's.

  • "mItWdOtW4Me" - Monday is the worst day of the week for me.

If you find it difficult to select a password, you can use the website www.strongpasswordgenerator.com, which automatically generates a strong password for you. The website allows you to choose a password length and also gives you hints through which you can easily memorize the password.


Hope this information helps. If you have any doubts, please feel free to post a comment.


Mortar said on May 3, 2011 at 7:12 AM :

Hi, I just read an article about creating strong passwords in a German security & hacking magazine.

They explained a pretty nice method to avoid using the same password twice by using the same password still 'once'.
Sounds strange, you're probably thinking now... let me explain...

1) Create a strong password as explained in the blog article. (For example: mItWdOtW4Me.) This will be your standard password.
2) Think of an 'Introductory Part' (sorry, haven't found any better word for that).
For example: First letter of the website's name at which you are registering/changing password + _ + last letter of the website's name + _ + number of letters in the website's name + :
3) Combine your standard password with the 'Introductory Part'.
Looks more difficult than it is...

Some examples:
Google.com -> G_E_6:mItWdOtW4Me
Yahoo.com -> Y_O_5:mItWdOtW4Me
Facebook.com -> F_K_8:mItWdOtW4Me

Now you can use the 'same' password for every website but it's still secure.

Remove the following part (a message to the blog owner):

Feel free to add this to your blog article ;)
