Honestly, passwords shouldn't really be a topic these days. Everyone knows all the rules about passwords but everyone completely ignores them. How many websites do you use the same passwords for? How many times are you pressed to make a password and end up using your pet's name?
I've also been guilty of being stupid with my passwords. I've used the same password that I got with my first ADSL PPPoE connection in 2001 for every single website and service that I've ever registered with. Not only do all of my friends and relatives know this one password, but multiple of the sites I've registered on have been hacked and this is probably a known password.
Random passwords for random sites
Do you need to know the password for that one image board site or that one forum that you paid money for once to get lifetime access? It's not like you're going to sit down on a public machine and log into those sites, ever.
Using something like LastPass, you don't need to remember every single password, and the app/plugin/extension itself can generate a random password for you to use.
All you need is one strong master password, and I highly recommend teaming that up with two-factor authentication so that you know that no one will ever log into your LastPass without you knowing.
Making a secure password
Like everything in IT (and possibly life), it's all about planning. Planning makes life so much easier.
Currently, I have one password scheme for my work account(s) due to the fact that I have to change that password every 3 months. This is great as I don't have to start thinking about a new password every time the system prompts me to change it.
I have one "master" password and one "simple" password for everyday use like computer accounts. I try to keep all my websites on a random basis as much as possible.
My "simple" password is actually kinda secure, as How Secure Is My Password suggests that it will take 204 million years to crack it, while my "master" password is at 1 octillion years. Brute force that, bitch...
How to make a secure password
Names of pets and relatives aren't all that great in themselves, as Paul or Sharon might be on many wordlists and are probably pretty easy to brute force. But simply changing out certain letters with numbers will increase the complexity by a whole lot. P4u1 or 5h4r0n are already way harder to crack than their normal counterparts.
I always use at least four types of characters: uppercase and lowercase letters, numbers and special characters. There are certain special characters that some systems might frown upon, but using stuff like exclamation marks and dollar signs works more or less all the time.
I like the idea of using an easy-to-remember sentence to make up a password that seems completely random. Let's get an example rolling:
Take some pancake batter and 2 bacon strips! 160 calories.
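For the per-site random passwords and the four-character-type rule described above, here is a sketch of a generator, added as an example that is not part of the original post and not LastPass's own code. The function names, the default length of 20 and the two-character specials set (the exclamation mark and dollar sign the post mentions) are assumptions.

```python
import math
import secrets
import string

# Assumption: only the two special characters the post says work almost everywhere.
SPECIALS = "!$"
CLASSES = (string.ascii_uppercase, string.ascii_lowercase, string.digits, SPECIALS)


def generate_password(length=20, classes=CLASSES):
    """Return a random password with at least one character from every class."""
    if length < len(classes):
        raise ValueError("length is too short to include every character class")
    alphabet = "".join(classes)
    while True:
        # secrets draws from the OS CSPRNG; the random module is predictable
        # and must not be used for passwords.
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        # Rejection sampling: discard candidates that miss a class instead of
        # forcing "one digit here, one symbol there", which would make some
        # passwords more likely than others.
        if all(any(ch in cls for ch in candidate) for cls in classes):
            return candidate


def entropy_bits(length, classes=CLASSES):
    """Upper bound on the entropy of a uniformly random password of this length."""
    alphabet_size = sum(len(cls) for cls in classes)
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    print(generate_password())
    print(f"about {entropy_bits(20):.0f} bits for 20 characters")
```

The entropy figure only applies to passwords produced this way; a password built from a name or a sentence has far fewer equally likely alternatives than its length suggests.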
Now, that's one awesome password. It scores 47 million years on How Secure Is My Password. See how easy it is to make a password that is completely "random"?
What do you think? Could you beef up your passwords? It's actually not that hard if you just sit down and think about it.