19 May How to set a strong password: 9 tips
Last January, I was talking with a cyber security expert and hacker (he said he is one of the good one). He told me he was doing some penetration test on an oil tanker and he hacked its firmware because the password was 1234.
A strong password is your first line of defence against intruders, imposters and cyber criminals.
So… how to set a strong password?
Here some tips:
Create password that are easy to remember, but hard for other to guess:
Don’t use a word or phrase of special importance to you, like a birthday or family member: that’s the kind of information that can be discovered by someone.
Do not share your passwords.
Never, ever give it to friends, even if they are really good friends. A friend can accidentally pass your password along to others or even become an ex-friend and abuse it.
Make sure your password is long,
it should be at least 8-to-12 characters long, the longer the better.
Include numbers, capital letters, lowercase letters and symbols:
- The capital and lowercase letters should not be grouped together. Mixing them up makes the password more difficult to predict
- Consider using € instead of E, 1 instead of L, ( instead of C, 0 instead of O
- Consider including an &, an % or other special characters [like !”£$ /()=?^><@#]
Don’t’ use one password. Generate similar but distinct passwords for separate accounts.
You can use similar base words to help you remember your passwords easily without making them too easy to crack.
Consider a “pass phrase” rather than simply a password:
- Such a phrase should be relative long, let’s say 20 characters or so
- Think of something you can remember, but others couldn’t
- Use numbers, symbols, upper and lower-case letters
- Avoid famous quotations that might be easy to guess
- For example “I really like dark chocolate” is “Ir€a11y1ik€DARK(h0(01at€”
Make sure your password is kept in a safe place.
- Don’t’ post it in plain sight and, if you have to write it down hide the note somewhere where no one can find it;
- Consider using a password manager. Programs or web services like 1Password, Lastpass, RoboForm, Keeper, etc. let you create a different very strong password for each of your site, but you only have to remember the one password to access the program.
Many services and social media offer an option to verity your identity if someone logs on to your account from an unrecognized device. The typical method is to send a text or other type of message to a mobile device registered to you with a code you need to type in to verity it’s really you.
Make sure your devices are secure:
- The best password in the world might not do you any good if someone is looking over your shoulder while you type or if you forget to log out on a hotel or café computer;
- Make sure you’re using an up-to-date anti-malware software and that you operating system is updated;
- Be very careful before clicking on a link asking you to log in, change your password or provide personal information, even if it appears to be from a legitimate site. When in doubt, type what you know to be the website’s URL into your browser window.