Password Management: How to Create a Strong Password


With the widespread use of computers and mobile devices, password security has become an important part of computer security. Bank, email and social networking accounts store personal information--such as date of birth, address and even credit card numbers--which are protected only by a password.

Passwords are necessary to keep your accounts safe and to prove that you are who you say you are. The most efficient password should be strong enough to thwart hackers, yet easy enough for you to remember.

How to create a strong password
Your confidential information is probably not safe unless you use at least an 8-digit randomized password. If you use less than 8 characters, and you restrict your characters to only alphabetic letters, it can be cracked in minutes. Many systems now require passwords to be at least 8 characters in length. Studies reveal that the longer and more complex the password, the harder it is to crack.

A strong password should:
• Be at least 8 characters in length
• Contain both upper and lowercase alphabetic characters (e.g. A-Z, a-z)
• Have at least one numerical character (e.g. 0-9)
• Have at least one special character (e.g. ~ ! @ # $ % ^ & * ( ) - _ + =)

A strong password should not:
• Spell a word or series of words that can be found in a standard dictionary (e.g. angrybirds, mypassword, daisymae)
• Spell a word with a number added to the beginning and/or the end (e.g. johnsmith1, password123, daisy8703)
• Be based on any personal information such as user id, family name, pet, birthday, etc. (e.g. johnsmith, mydogrover, 10311978)
• Be based on a keyboard pattern (e.g. qwerty) or duplicate characters (e.g. asdfgh, aabbccdd, 456789)

Use a passphrase or a nonsensical word
Rather than trying to remember a password created using various character types which is also not a word from the dictionary, you can use a passphrase. Think up a sentence or a line from a song or poem that you like and create a password using the first letter from each word.

A passphrase could be a lyric from a song or a favorite quote. An example of a strong passphrase is “Superman is $uper str0ng!”. A nonsensical word can built using the first letter from each word in a phrase (e.g. C$200wpG., represents "Collect $200 when passing Go."). These typically have additional benefits such as being longer and easier to remember.

Each system or application may have different password restrictions or requirements. Unfortunately, some systems don’t allow the use of special characters (e.g. ~ ! @ # $ % ^ & * ( ) - _ + =), so when you’re confined to letters and numbers, you’ll need to make extra sure the password you create is complex enough.

Grab a piece of paper and a pen and practice creating strong passwords by modifying the following phrases. For example:

“She loves you yeah, yeah, yeah!” could be modified to: sLuY3ah!

Now it’s your turn.

• I sense great fear in you, Skywalker.
• The hills are alive with the sound of music.
• Holy haberdashery, Batman!

Check the strength of your password
It’s a good idea to check the strength of the password you’ve created. Some websites offer a built-in password checker that evaluates the strength of your password when you’re setting up your account. But if you want to check the strength of your other passwords, try using Microsoft’s password checker.

These helpful tips are provided by InfoSight Inc , an information security consultancy working to help ensure the privacy and security of your corporate, personal and financial information.