RSS Feed

Password Fundamentals

Posted on

Treat your password like your toothbrush. Don’t let anybody else use it, and get a new one every six months” – Clifford Stoll

Whether at home or in the office, creating a secure password is crucial to protecting your personal information.  By creating a secure password, you make it difficult for hackers to access your accounts without authorization.

Password Fundamentals

  1. Length – The longer the password, the harder it is for a hacker or a logarithm to “guess” what your password may be.  Strive for a minimum of 8 characters for your password.
  2. Characters – It is crucial to use special characters in your password (if the application allows it).  Several applications require a special character such as !@#$%^&*.  For example, instead of an “a” you can you a @ symbol, or instead of an “i” you can use the ! symbol.
  3. Numbers – In addition to special characters, use numeric values within your password as well.  Numbers can prevent hackers from using dictionary terms to unlock your account.
  4. Upper Case and Lower Case – Don’t forget to vary the characters that are capitals and those that are lower case – especially if the application is case sensitive.
  5. Change it – Change your password every 3-6 months.  I agree that this may be difficult and not conducive to remembering your password, however for maximum security change your password, especially for online bank accounts!


Things to Avoid

  1. Never write your password down!  This is a detrimental mistake made by a majority of individuals who have a difficult time remembering their password.  Passwords can easily be found under mouse pads, keyboards, behind picture frames, and in nearby drawers.  You wouldn’t leave the key to your home under the door mat (I would hope) so don’t write your password down in a location for others to find.
  2. Keep it private – Don’t share your password with anyone.  Period.
  3. Common names – Some common passwords to avoid are: Dictionary words, names of relatives/spouses/friends, your username, your address, your birthday, pet names, etc.


Stay tuned for my next post regarding tips on creating a super-extremely-easy-to-remember secure password!



8 responses »

  1. I have so many passwords I have to write them all down, oops! I do think it is a good idea to go through all of your accounts and change them every six months. Great tips!

    • Thank you! If you write them down just make sure to keep it somewhere secure – Especially if you’re at work! I’ve heard of people using hidden folders on their computer and locked folders in outlook. Just make sure you don’t title the folder “passwords” 🙂 Thank you for reading my blog!! And thank you for featuring My Big Kid Advice on your Motivational Monday!

  2. Passwords.. the keys to the kingdom. I do write mine down… in a password safe that is. 🙂 If people absolutely need to write it down, I suggest a clue kept in a wallet (versus under a keyboard or stuck to a monitor). If someone follows a particular formula in creating passwords, then a clue that says “Hershey” kept in a location that is usually with them all the time, that may remind them that their password is actually “Ch0c0l@te”.

    • Paul – do you use KeePass or any online tool to manage your passwords? They kind of freak me out but we had a security engineer visit the other day who said he loves the online tools. Still – freaks me out!

      • I’m using Password Safe, a utility written by Bruce Schneier. It uses Twofish encryption. KeePass supports AES and Twofish so I’d be comfortable with that too. In addition to encrypting the password database, I keep that inside another encrypted volume (using Trucrypt) that I have to mount first.

        I’m not a big fan of online password managers. Like you, that “freaks me out”. 🙂

  3. If you create passwords as you suggest, for a multitude of sits, and change them every 6 months, how in the hell can your remember them without writing them down? I currently have 75 sites that require passwords.

    All this password crap makes passwords harder for us to remember and easier for computers to “guess”.

    BTW – Why “hide” the password when keying it in, and force me to key it twice. Just let me see the typos as I make them. Sheesh.

    • This method of creating a password is actually nearly impossible for a computer to “guess” – but I definitely agree it’s not easy to remember!

      And the hidden passwords are for your safety – imagine being in a public computer lab and typing your password so that the nearest creeper behind you could see. There are a multitude of softwares that can be installed on your computer and capture everything you key in. With a password that is viewable, you would have virtually no protection.

  4. I personally like to go for association but a little more lateral.

    For example I use the make and model with the engine size of the first car my grandfarther owned. That gives a long enough password with a mixture of letters and numbers but also it’s easy for me to remeber but much harder for an I.D thief to guess as they would be looking at me and my imediate family for potential clues. To go back another generation makes it harder.

    for example: Triumphtr8 3.5v8 ( no that’s not a car ever owned by anyone in our family or password ever used )

    Then if you play around with uPPer and LowER case letters, makes it even harder.

    I just love this website: a great way of testing password strength


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: