In a previous article, I outlined four types of passwords you shouldn’t create unless you want your account hacked. Given how valuable your passwords are, it’s important that they be secure, yet not too hard to remember. Not only do passwords protect your Facebook information, your personal blog and your e-mail account, but also many accounts linked to your credit card, such as your Amazon, eBay and PayPal accounts.
Here are four tips showing how you can create secure passwords:
Tip #1: Size Matters
With passwords, bigger is better. A 4-character password can be cracked using "brute force" techniques - where a computer simply tries every possible combination of characters - fairly quickly. A 6-character password will take much longer; 8 characters even longer. If you want to be really secure, go for 12 characters or longer.
Tip #2: Variety is the Spice of Life
There are four types of characters you can use in passwords:
- lower-case letters (a, b, c)
- upper-case letters (A, B, C)
- digits (1, 2 3)
- "special characters," which include punctuation (. ; !) and other characters (# * &)
There are 26 lower-case letters, 26 upper-case letters, 10 digits and, depending on the web site, as many as a couple of dozen special characters (some sites won't let you use certain characters). If you create a password with 6 digits, there are a million possibilities. If you use, however, six lower-case letters, the number jumps to over 300 million. And if you use a combination of upper- and lower-case letters, you get 2 billion different combinations. Add in special characters and the number of possibilities is in the hundreds of billions.
Combine this with tip #1 and use a longer password, and see these numbers expand faster than the universe during the Big Bang. If you only use letters and digits, an 8-character password can have as many as 200 trillion possibilities. Move to 12-character passwords and the number is so big I don't even know how to define it (it's 1023, plus a bit).
Tip #3: Create Unique Passwords
Here’s an easy way to create unique, memorable passwords that are impossible to crack. (Well, the NSA might be able to do it...) You should set a password like this for the user account on your Mac, because if anyone can get into your account, they can access a lot of your files and personal information.
To start with, you want something memorable. As an example, let's say you're a fan of the Game of Thrones TV series. You could create a password like this:
That's 13 characters, so it's fairly long, but it's all lower-case letters. Let's throw in a couple of upper-case letters to make it more complex, but not in the expected locations, such as the "g" or "t":
That's a bit better. But now, let's spice it up with a couple of digits. These have to still be easy to remember, right? How about this:
And the addition of even one special character makes this much, much harder to crack:
This isn't too hard to remember, but it could be a bit easier. So let's just use one capital letter, one digit, and one special character; that's more than enough to make it unbreakable:
You now have a password that is secure. According to the site HowSecureIsMyPassword.net, it would take about 423 million years for a desktop computer to crack this password.
Tip #4: Use Your Keychain to Store Passwords, or Use a Password Manager
While you have a really secure password, you still don't want to use it on all your web sites. You can use Mac OS X's keychain to store passwords - this is what "remembers" passwords when you enter them in Safari, along with the passwords you use for Mail and other programs. You can also use one of many programs that store passwords, but make sure that the master password you use for this software is as strong as the example above.
Do you have any other tips for creating secure passwords?