Getting the best out of your password…

I originally wrote this to send to friends who asked me for advice about password security when they have had one or more of their web accounts compromised, so I decided to post it here for others and so that I can just send a link to anyone to simplify the process.

Don’t look for the pretty pictures in this post, there aren’t any, normal service will resume shortly.

The following is just basic advice with some useful links, I am not a web security expert therefore this is just my personal opinion based on my own experiences.

To log in to most web services, other than secure accounts such as on-line banking, you usually have either a user/login name or an e-mail address as part one of the login process.
A username is not hard to find out and there is not a lot you can do about that. An e-mail address is a little more tricky but still fairly easy to obtain, especially if someone has earned a little of your trust or received an email from you.

Part two is the password. This is your door key, the one weapon you have that, if you are careful, will keep your account(s) as safe as possible, provided you take some basic steps to make it harder to guess. It is recommended that a password should be at least 8 characters long (12 or more would be better) and include special characters such as $ and &, as well as numbers and UPPER and lower case type. The more characters it has, the better chance you stand of making it as secure as possible.

If you use a webmail service such as Hotmail, Windows Live Mail, Gmail, Yahoo or some other webmail service, having a secure password is all the more important. Whilst you may not have anything in your e-mails that you consider worth protecting, having your e-mail hacked and used to send spam is annoying, and chasing it down to regain control of your account can be a major inconvenience.

One thing you should never do is have the same password for everything, as tempting as this may be for the sake of ease. If you also use the same e-mail address for two or more accounts, you potentially leave yourself open: if one account is compromised, they could all be. Another thing you should not do is use a common word, such as password (yes, some people do this), or other easy to guess words such as pets' names, football teams etc.

One of the top ten most common words used for a password, believe it or not, is actually password, and it is one of the first words hackers or software will try, followed by other common words, football teams and pet names as mentioned above.

So, for the sake of making the simple more complex, let's go back to that password again. I’m not suggesting you should use this; it is just an example to show how you can make this simple word quite secure and easy to remember, simply by making it a bit random and adding a special character or two, numbers, and upper and lower case letters, like:

pAs$w0rD!

Taking it a step further, add two words together, again both with a bit of randomness, numbers, upper/lower case and special characters.
Take the post title and remove the space (because spaces aren’t allowed in passwords); now you have a pretty secure password that is hard to guess, but by no means impossible…

pAs$w0rDto0!s!

Below are some links to password tests and tools. Go and have a play with “password”, “pAs$w0rD!” and “pAs$w0rDto0!s!” with the different tools and see what difference it makes.

If you are still not convinced that you can make up a secure password, use a password generator, though you will have to devise a way of remembering it!

Password Strength Tests.

Test my Password strength is one of my favourites, because it is kind of fun to play with. It gives you a “how long it will take to guess” rating, from almost instant to several trillion years or more, based on how an automated password hacking tool will approach cracking a password by randomly guessing, starting with simple common words. It also has a good explanation of the importance of using good passwords and how to avoid weak ones.

Password Meter is maybe the most informative and it gives you a score and explanation of why a password is strong or weak and how you can make it stronger.

Passchk gives an explanation as to how secure a password might be.

Test Your Password. Everything under one roof, generates a random 8 character password by default, increasing the length from 8 to 14 characters makes your password a lot stronger.
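
To show where a “how long it will take to guess” rating like the one described above comes from, here is a small added example (written for this post, not the code of any of the tools listed) that tries a common-word list first and then counts every combination of the character types used. The word list and the guessing speed are made-up assumptions, and it only models blind guessing, not tools that also try letter-for-symbol swaps on common words.

```python
import string

# Constructed sample list; a real tester would load thousands of entries.
COMMON_WORDS = {"password", "123456", "qwerty", "letmein", "football", "monkey"}

# Assumed guessing speed (guesses per second); real rates vary enormously.
GUESSES_PER_SECOND = 1e9

# Character types the post recommends mixing: lower, UPPER, numbers, specials.
CHAR_CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
                string.digits, string.punctuation)

def charset_size(password):
    """Size of the pool a blind guesser must cover for this password."""
    return sum(len(chars) for chars in CHAR_CLASSES
               if any(c in chars for c in password))

def guesses_needed(password):
    """Worst-case guesses: common words fall first, then brute force."""
    if password.lower() in COMMON_WORDS:
        return 1
    return charset_size(password) ** len(password)

def seconds_to_guess(password):
    return guesses_needed(password) / GUESSES_PER_SECOND

def human_time(seconds):
    """Turn a number of seconds into the kind of rating the testers show."""
    if seconds < 1:
        return "almost instant"
    units = (("years", 31_557_600), ("days", 86_400),
             ("hours", 3_600), ("minutes", 60))
    for name, length in units:
        if seconds >= length:
            return f"about {seconds / length:,.0f} {name}"
    return f"about {seconds:.0f} seconds"

def report(password):
    return (f"{password!r}: {len(password)} characters from a pool of "
            f"{charset_size(password)}, {human_time(seconds_to_guess(password))}")

if __name__ == "__main__":
    # The three passwords used as examples in this post.
    for pw in ("password", "pAs$w0rD!", "pAs$w0rDto0!s!"):
        print(report(pw))
```

Each extra character multiplies the work by the size of the pool, which is why going from 9 to 14 characters changes the rating far more than swapping a letter for a symbol does.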