Good Passwords for Good Security

February 17, 2012

Now a days, there are so many passwords to remember: Facebook, Twitter, YouTube, Gmail, sephone’s datAvenger CMS, custom applications, email and so on. One of the most common security problems that we run into here at Sephone, is that somebody picked a weak password and somebody else guessed it. This posts aims to help you pick secure passwords.

Security FenceGuidelines

In general, passwords should be hard to guess and elusive to figure out. Here are some guidelines that I like to use

  • 8 chars at least in length
  • includes numbers
  • mixed case (upper and lower case)
  • contains some special characters (“*!/’ etc)

In addition, you should try not to use the same passwords at every site. Lets say, your twitter account email is test@gmail.com and your password is test. Bad password, but just an example. If Twitter gets hacked and somebody has a list of logins, you know they try other sites with that list.

Also, it comes without saying (I hope), don’t store your password where people can get it. This means not saving it on the computer you are using, unless you have a fair degree of physical security for that machine, meaning somebody can’t use it or steal it easily. Don’t write passwords down where people can see them. And also, don’t tell your password to anybody.

Bad Passwords

Here are commonly used passwords that are bad.

  • 12345
  • password
  • same as the username
  • your birthday or child’s birthday
  • pet’s name
  • a simple dictionary word like “fence”
  • keyboard patterns like qwerty, asdf or rfv

Good Passwords

Here is a list of some good passwords, but don’t actually use these ones. This gives you the idea.

  • f45D9a2$-z,e)
  • c@tS[are]Not*c3Wl
  • 3!tatlworz3

Yes, these are harder to remember, but once you get them, it will not be an issue. Most of the passwords that I have, I don’t know them mentally, my fingers have learned them and I can type them automatically, but struggle to know what the actually password is. It’s surprising how quick your fingers will learn them.

Thanks to Graham Richardson for sharing the photo in this post with a Creative Commons license!

avatar

Alan has been creating websites since CompuServe was huge. Today he still is developing websites using technologies such as CSS3, HTML5, jQuery and CakePHP.

Comments

No comments yet.

Leave a comment