INTERNET
PASSWORD SECURITY
Good passwords are hard to come by. If
you suddenly and without much warning had to pick a password to
access your computer, or your favorite website, or your internet
banking facility, what would you do? Most people would make
their password their name, their partner's name, their birthday,
their partner's birthday, their favorite color or book or movie
or character. You can probably already see a pattern forming
here, can't you? Ok, now for the scary part: these are all
easily guessed and your personal information is like a bank who
holds all your money.. on the foot path where everyone can see
it and grab it!
So how do we fix this? We think up a
better password. Does that mean something long, awful and
cryptic that you wont remember and will probably have to write
down in case you forget it? Please no! That's the sort of
password that snooping people want! So we need to strike a
balance somewhere One that is much more than some simple detail,
yet cryptic enough that it couldn't be guessed too easily.
Let's begin with a name, say Andrew.
Now, say Andrew wants something simple, yet based on his name
which will act as a “keyword” to help him easily recall his
password. We'll mix in some UPPER and lower case characters and
some numbers to replace letters, also known as elite speak, or
1337 speak. He might come up with up AnDr3w. That's decent.
Let's say Andrew is a keen internet surfer, he might try and
combine his hobby with his password. We'll abbreviate
“internet” as simply “net”. Ok, we'll try the
substitution technique again to get “n3T”. Excellent! Now to
combine them as two words. Now most people separate words with a
space “ “, but on the internet, that is best represented as
an underscore “_”. So, we'll combine them both using our new
tricks to get “AnDr3w_n3T”. Excellent!
Andrew now has a password that he can
use comfortably, simple enough that he shouldn't need to write
it down ever and practically untraceable. I say
“practically” because given enough time, any password in the
world can be cracked. But this one should keep the password
crackers busy and by the time they're even remotely close to it,
he's changed it and they will have to begin again.
Another trick is to think of a song or
nursery rhyme, take the first letter of every word and do the
same substitution technique plus add a number, e.g.: “baa baa
black sheep have you any wool” turns into “bbbshyaw” and
“humpty dumpy sat on the wall” turns into “hdsotw2005”.
Let your imagination run wild with the sorts of passwords you
can create using this technique.
So the next time you hear of someone's
account being broken into, or see someone trying to find a
sticky note with their password on it, just remember, with a
password created using the above techniques you wont really have
to worry as much about either of those problems.
