How strong is your password

July 19, 2017

We live in a password-centric world, where between four and 20 characters make the difference in whether you're able to access your data, make your online purchases, or communicate with friends. It is also a whole new world, where the bad guys usually get the girl (the girl in our case is ‘access to your data without being caught’), and so your job is to make their job difficult. Making their job difficult means you have to use a new password for each account you have, which makes remembering one password from a pool of passwords extremely difficult. You are also told to make each password strong enough to withstand any attempt to crack it. Honestly, if a password is truly strong, the job on your side becomes even more difficult. But worry not: below is a fairly easy-to-understand guide to help you win the girl, that is, to make a strong password that is easy to remember.

Some common problems with your passwords

1. One password for multiple accounts

Why would one use ten different passwords for 10 different accounts when it is so easy to use just one strong password for the same 10 accounts? The problem is that if your password gets cracked once, let’s say your Facebook password, then that individual now has access to all 10 of your accounts. How unpleasant that would be. Truth be told, some websites store your ‘strong’ password as plain text, so if their database gets leaked, your strong password is plainly visible to anyone who views it. You wouldn’t like to lose ten deals due to a single mistake made on just one deal, would you? A study by BitDefender showed that 75 percent of people use their email password for Facebook as well. If that's also your Amazon or PayPal password, then it's good-bye to some funds, if not friends.

2. Your password, your inner clothing

The saying goes like this: passwords are like underwear. You should change them often (of course, not every day). Don't share them (you cannot hang all your password security hopes on your careless buddy; maybe you are quite careful with these but he isn’t). Don't leave your passwords out for others to see: simply avoid typing your six passwords on a sticky note (either on desktop or paper) on the pretext of saving time for access.

3. Avoid common passwords

Millions of people use their pets’ names, favourite dishes, family names, or just objects of their attachment as passwords. I’m very certain that most people use their first love’s name or initials, or objects they felt attached to, as their passwords. I only wish you knew how social media has spread its wings far and wide like an eagle’s. About 250 million people on Facebook have access to your personal info, depending on how much you expose to them. Bear in mind that if the word you use can be found in the dictionary, it's not a strong password. If you use numbers or letters in the order they appear on the keyboard ("1234" or "qwerty"), it's not a strong password. If it's the name of your relatives, your kids, or your pet, favourite team, or city of your birth, guess what: it's not a strong password. If it's your birthday, anniversary, date of graduation, even your car license plate number, it's not a strong password. It doesn't matter if you follow this with another number. These are all things hackers would try first. They write programs to check these kinds of passwords first, or rather they use a dictionary attack, explained in a previous article, to crack your passwords. Other common terms you should avoid are: "god," "money," "love," "monkey," and for the love of all that's techie, if you use "password" as your password, just sign off the Internet right now; you should never be heard from on the internet again. For the record, codes like "abc1234," "password," "admin," "iloveyou" and "aaaaaa" were the most popular passwords discovered after Adobe systems were hacked.

Creating a strong password

To create a strong password, you should use a string of characters that mixes numbers, letters (that are both lowercase and uppercase), and special characters. It should be a minimum of eight characters, but I hope you don’t mind using even 20 characters. The characters should be random, and not follow from words, alphabetically, or from your keyboard layout.

Here are a few tips to create a strong password.

Spell a word backwards, e.g. turn ‘nairobi’ into ‘iborian’.
Substitute numbers for certain letters, e.g. 3 for the letter ‘e’, 8 for the letter ‘B’, etc.
Randomly throw in some capital letters, e.g. transforming ‘iborian’ into ‘iBoriAn’.
Don't forget to add a special character, e.g. transform ‘iBoriAn’ into ‘18ori@^’. As long as your special character replacement makes sense to you, that's all that matters. In my case, I used ‘@’ for ‘A’ or ‘a’, and ‘^’ for ‘n’.
Choose something simple to remember as a password, but whenever you type it, put your fingers on the wrong keys. In simple terms, replace correctly spelled words with misspellings, e.g. replace ‘iloveyou’ with ‘1L0v3Why0U’.

You can also pick a pattern on the keyboard and type based on that. For example, a counter-clockwise spin around the letter g could result in "hytfvb". No one can guess that, yet for you it is very simple. Throw in some random caps and numbers to really lock it down.

One of the easiest things to remember is an acronym from a phrase of your choice. "We didn't start the fire, it was always burning" becomes "wdstfiwab" based on the first letters of each word.

Remember, the longer the password, the stronger it is. Always. Something more than 15 characters is very difficult to remember, but it'll be a breeze with a mnemonic. A long password is useless if it's a common word or phrase that can be easily guessed. It's best to use a randomized series of characters that include a mix of letters, numbers and symbols. Don't use a password that includes your name or company name, and if possible try to create a password that isn't a real word. Your password should contain a variety of uppercase and lowercase letters, numbers and symbols. 

Password generator tools

Even with the above guidelines, some still have problems creating a fairly strong password. If that’s the case, then there are plenty of tools that will make one for you. A tool like the PC Tools Secure Password Generator, for example, makes one based on your criteria: how long, include (or don't) mixed case, numbers, punctuation, similar character replacement, etc. It even provides a phonetic pronunciation guide that you can use as your mantra while typing the password.

Password strength testing

If you're worried that your password of choice isn't strong enough, check it at How Secure is My Password? The site will even tell you how long the average PC would take to crack it. For example, cracking "kroywen" would take 13 minutes, "kr0yw3n" would take about 2 hours, "Kr0yw3^" 15 days, and "MA7ApUp#" about 3 years.
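The rules from this article can also be checked locally, without typing a password into a website. The following is an added example, not the code behind How Secure is My Password?; the word lists are small constructed samples built from the words this article names, and the bit count assumes every character was picked at random, so it is an upper bound only.

```python
import math
import string

# Constructed sample lists built from the passwords and words this article names.
# A real check would load a large breached-password list instead.
COMMON = {"password", "admin", "iloveyou", "aaaaaa", "abc1234", "qwerty",
          "1234", "god", "money", "love", "monkey"}
WORDS = {"nairobi", "newyork", "monkey", "money", "love"}
ROWS = ["qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890",
        string.ascii_lowercase]
# Undo the usual number/symbol-for-letter substitutions (0->o, 1->i, 3->e, ...).
LEET = str.maketrans("0134578@$", "oieastbas")
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation]


def has_run(pw, n=4):
    """True if pw has n keys in keyboard or alphabet order, either direction."""
    low = pw.lower()
    chunks = {low[i:i + n] for i in range(len(low) - n + 1)}
    return any(c in row or c in row[::-1] for c in chunks for row in ROWS)


def dictionary_hit(pw):
    """Return the listed word behind substitutions or reversal, if any."""
    letters = "".join(ch for ch in pw.lower().translate(LEET) if ch.isalpha())
    for cand in (letters, letters[::-1]):
        for word in sorted(WORDS):
            if word in cand and 2 * len(word) >= len(cand):
                return word
    return None


def pool_bits(pw):
    """Brute-force search space in bits, assuming every character is random."""
    pool = sum(len(c) for c in CLASSES if any(ch in c for ch in pw))
    return len(pw) * math.log2(pool) if pool else 0.0


def check(pw):
    """Return the names of the rules pw breaks; an empty list means none."""
    word = dictionary_hit(pw)
    rules = [("short", len(pw) < 8), ("common", pw.lower() in COMMON),
             ("run", has_run(pw)), ("dictionary:%s" % word, word is not None),
             ("classes", sum(any(ch in c for ch in pw) for c in CLASSES) < 4)]
    return [name for name, failed in rules if failed]
```

Run on the examples above, `check("kr0yw3n")` reports a reversed dictionary word behind the number substitutions, while `check("MA7ApUp#")` reports nothing.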

Password management tools

Sometimes one may create unique passwords for the various accounts they have, and in this case, remembering all those passwords can be a really big deal. So, there is a need to manage your passwords.

One of the easiest ways to do this is to write down your passwords, especially if you actually go the distance and use a unique string of characters for every login. The amount of time you could lose trying to remember each password whenever you have to type it in may not be worth it. Just try to keep the list somewhere that's not readily accessible, such as in your wallet. Avoid using your desk drawer at work, since co-workers may peep into it.

Use these apps and tools to create and manage passwords 

LastPass, for example, lets you store and manage all of your important passwords in one safe spot. The app encrypts your data and password list so that no one can read them, and there's an option for different types of two-factor authentication. It also includes a password generator that creates randomized passcodes that are nearly impossible to guess. The free desktop version prompts you to save your password in LastPass whenever you log in to a new website, but you'll need a premium subscription ($12 per year) to use the mobile version.

1Password is another great option for those seeking extra protection. The 1Password app ($17.99) offers many features similar to those of LastPass, including a password generator and secure encryption. There's also a browser extension that syncs with your desktop.

Other great tools for password management include Dashlane, Avast password manager, etc. As of now, I hope you understand the importance of your password. Above all, how strong your password is should be your major concern.

Michael Jaroya

He is a technology enthusiast, a writer, and motivator. An individual with the love for humanity.
