The Best Password is a Sentence (and a password checker to test it out!)


Do you think the following password is easy to remember?

YSr&eted2ggt

You bet it is.  Read on to find out why.

It seems like every day we’re visiting sites where we need to create a password.  And if we don’t tell anyone our password, we’re safe, right?

Wrong.

Hacker bait

Our money and a lot of our personal information are online, with only a password for protection.

And yet we’re lazy with our passwords, and that makes us easy prey for hackers.

Strike 1.  We choose a word for our password.
Strike 2.  Our passwords are nice and short so we can remember them (smart thinking, right?).
Strike 3.  We then use the same password at multiple sites.

We’re hacker bait.

Make it long

And it’s getting worse.  We used to be told if you had a 6-8 character password, it was fine, but the new standard is 12 characters, if we really want to be safe (in fact, Microsoft recommends 14 characters, yikes!).  Why is this?  Ever-increasing computing power and tools to break passwords.  Yup, turns out hackers aren’t sitting in front of their computer with a pencil and paper trying different combinations.

So what’s a person to do?

Mix it up – a checklist:

Here’s the best advice we’ve found (it comes from Microsoft and Georgia Tech):

Create a passcode, not a password.  It should include:
– at least one number
– at least one symbol
– upper and lowercase letters
The greater the variety of characters in your password, the better.  Use the entire keyboard, not just the letters and characters you use or see most often.

Some say not to write it down, but we’re only human.  Even Microsoft tells us to write them down, just keep them secure.  Other options include online services to store passwords, such as LastPass (yes, they were concerned that they got hacked recently, but apparently only the accounts of people who had a weak master password would have been at risk).

But it can be easy (really!)

It sounds like a lot of work; how do we remember a complex password?  Turns out there are easy tricks.

Make a sentence that you’ll remember, then use the first letter of each word, and substitute symbols for words where you can (and=&, to=2).  For example, “I like to eat one egg and toast for breakfast in the morning” would become “il2e1e&tfbitm”

Microsoft suggests that you take it one step further by, say, making some of the letters uppercase – we’ll choose the first two (now it’s IL2e1e&tfbitm).  (Note: they also suggest doing things such as adding punctuation at the beginning, a symbol at the end, and a meaningful number in the middle.)
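
The recipe from the last two paragraphs, written out as a short Python sketch (an added example, not code from the original post or from Microsoft). The function names are made up here, the substitution table holds only the swaps the post's own example uses (and=&, to=2, one=1), and the checklist assumes the 12-character minimum mentioned above.

```python
import string

# Word-to-symbol swaps taken from the article's own example (and=&, to=2, one=1).
SUBSTITUTIONS = {"and": "&", "to": "2", "one": "1"}
MIN_LENGTH = 12  # assumption: the article's "new standard" of 12 characters


def sentence_to_password(sentence, upper_first=0):
    """Take the first letter of each word, applying the swaps above.

    upper_first is how many leading letters to capitalise (the article uses 2).
    """
    chars = []
    for raw in sentence.split():
        word = raw.strip(string.punctuation).lower()
        if not word:
            continue  # the token was only punctuation
        chars.append(SUBSTITUTIONS.get(word, word[0]))
    remaining = upper_first
    for i, ch in enumerate(chars):
        if remaining == 0:
            break
        if ch.isalpha():  # digits and symbols cannot be capitalised, skip them
            chars[i] = ch.upper()
            remaining -= 1
    return "".join(chars)


def failed_checks(password):
    """Return the checklist items the password misses (empty list = all met)."""
    checks = {
        f"at least {MIN_LENGTH} characters": len(password) >= MIN_LENGTH,
        "at least one number": any(c.isdigit() for c in password),
        "at least one symbol": any(c in string.punctuation for c in password),
        "an uppercase letter": any(c.isupper() for c in password),
        "a lowercase letter": any(c.islower() for c in password),
    }
    return [name for name, ok in checks.items() if not ok]


if __name__ == "__main__":
    # The article's example sentence, before and after the uppercase step.
    sentence = "I like to eat one egg and toast for breakfast in the morning"
    for n in (0, 2):
        pw = sentence_to_password(sentence, upper_first=n)
        print(pw, failed_checks(pw) or "meets the checklist")
```

Run on the breakfast sentence, the all-lowercase version misses only the uppercase item, which is the gap the capitalisation step closes.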

Favourite song lyrics? Turn it into a password!  Favourite sayings? Convert them!  Mix it up with the odd capital, symbol and number, and you’re hacker bait no more!

As promised, a password checker

Want to see just how weak your password is? Check out Microsoft’s password checker.  It’s pretty tough.  I found it took 12 random characters to get a “strong” rating (“best” is the top rating, but it took 20 characters) – so I think “strong” is pretty good.

So, why is YSr&eted2ggt easy to remember?

(You should read and enjoy TipBusters every day to get great tips!)

7 comments

  • Question: if you put in a possible password at Microsoft, then they know your password? Don’t trust anyone. Look what happened at Target. Only pay cash there now.

    • Might as well start paying cash everywhere. Fact is, your CC isn’t safe a lot of times when you use it. When you go to a restaurant, you have no idea what happens to your CC. Someone could write down your CC #, take a picture of it, pass it to others, etc. Many, many smaller companies than Target probably are less secure. Everything is protected. I haven’t read about anyone having to pay for something they didn’t buy due to their CC getting lost, stolen, and/or compromised from a breach like this. Have you? Please post an article if you have.

  • My brother recommended I may like this web site. He used to be entirely right.
    This submit truly made my day. You can’t believe simply how much time I had spent for this info! Thanks!

  •  Another tip is to store those great passwords for the day you scratch your head and say “what was it again?”.  Simple and secure:  eWallet GO!   http://ewalletgo.com

    • Lee – I’ll have to check that out, thanks!

  • Gpt4ttc.GIgybimRr (Great post thanks for the tip Christene.  Glad I’ve got your blog in my RSS reader)

    • That made me laugh Steve! Thanks for stopping by.

