- Use more than one word
- Instead of only using the name of someone you know, such as "Allison", choose something about that person no one else knows about, for instance, "AllisonsBear" or "AlliesBear".
- Use symbols instead of characters
Many people tend to put the required symbols and numbers at the end of a word they know, for instance, "Allison1234". Unfortunately, this is relatively easy to break. The word "Allison" is in a lot of dictionaries that include common names; once the name is discovered, the attacker has only four more relatively easy characters to guess. Instead, replace one or more of the letters within the word with symbols that you'll easily recall. Many people have their own creative interpretations of what letter some symbols and numbers resemble. For example, try substituting "@" for "A", "!" for "l", a zero (0) for an "O", a "$" for an "S", and a "3" for an "E". With substitutions such as these, "@llis0nbe@r", "A!!isonB3ar", and "A//i$onBear" are all recognizable to you, but they would be extremely difficult to guess or break. Look at the symbols on your keyboard and think of the first character that comes to mind-it might not be what someone else would think of, but you will remember it. Use some of those symbols as substitutions for your passwords from now on. - Choose events or people that are on your mind
To remember a strong password that will have to change in several months, try selecting an upcoming personal or public event. Use this as an opportunity to remind yourself about something pleasant that is going on in your life, or a person whom you admire or love. You won't be likely to forget the password if it is funny or endearing. Make it unique to you. Be sure to make it a phrase of two or more words, and continue to slip in your symbols. For example: "J0hn$Gr@du@tion". - Use phonetics in the words
In general, password dictionaries used by attackers search for words embedded inside your password. As mentioned before, don't hesitate to use the words, but make sure you liberally sprinkle those words with embedded symbols. Another way to trump the attacker is to avoid spelling the words properly, or use funny phonetics that you can remember. For instance, "Run for the hills" could become "R0n4dHiLLs!" or "R0n 4 d Hills!" If your manager's name happens to be Ron, you might even get a chuckle each morning typing this in. If you are a lousy speller, you are ahead of the game already. - Don't be afraid to make the password long
If you remember it better as a full phrase, go ahead and type it in. Longer passwords are much harder to break. And even though it is long, if it is easy for you to remember, you will probably have a lot less trouble getting into your system, even if you aren't the best typist in the world. - Use first letters of a phrase
To create an easy-to-remember and strong password, begin with a properly capitalized and punctuated sentence that is easy for you to remember. For example: "My daughter Kay goes to the International School." Next, take the first letter of each word in your sentence, preserving the capitalization used in the sentence. In the example above "MdKgttIS" would be the result. Finally substitute some non-alphanumeric characters for some of the letters in the password. You might use an "@" to replace an "a" or use an "!" to replace an "L". After one such substitution the example password above would be "MdKgtt!S"-a very difficult password to break, yet a password that is easy for you to remember, as long as you can recall the sentence on which the password is based.
Do's:
- Combine letters, symbols, and numbers that are easy for you to remember and hard for someone else to guess.
- Create pronounceable passwords (even if they are not words) that are easier to remember, reducing the temptation to write down your password.
- Try out using the initial letters of a phrase you love, especially if a number or special character is included.
- Take two familiar things, and then wrap them around a number or special character. Alternatively, change the spelling to include a special character. In this manner, you get one unfamiliar thing (which makes a good password because it is easy for you and you alone to remember, but hard for anyone else to discover). Here are a few examples:
"Phone + 4 + you" = "Phone4you" or "Fone4y0u"
"cat + * + Mouse" = "cat*Mouse" or "cat*Mou$e"
"attack + 3 + book" = "attack3booK" or "@tack3booK"
Don'ts:
- Don't use personal information such as derivatives of your user ID, names of family members, maiden names, cars, license tags, telephone numbers, pets, birthdays, social security numbers, addresses, or hobbies.
- Don't use any word in any language spelled forward or backward.
- Don't tie passwords to the month, for example, don't use "Mayday" in May.
- Don't create new passwords that are substantially similar to ones you've previously used.
No comments:
Post a Comment