Passwords Aren't Dead...Yet

When you log onto a computer, send email, check your bank account, or use social media, you can either help or hurt the security of your computer. Your private information can be compromised by using weak passwords. Here are five examples of weak passwords:

  • Your spouse, partner, child or pet’s name
  • 123 or 1234 or 123456
  • The word ‘password’
  • Your city, college or favorite sports team name
  • Date of birth – yours, your spouse’s/partner’s or your child’s

A strong password will:

  • Be at LEAST eight to ten characters in length
  • Have one or more capital letters (A-Z)
  • Have one or more lowercase letters (a-z)
  • Include one or more numbers (0-9)
  • Include one or more special characters (! * & % $ # @)
  • NOT be a dictionary word in any language

If you want a strong password without having to remember anything complex, choose a word, name or phrase that you can remember and then try shifting one set of keys to the right (or left). It will make your password look like gibberish but be simple enough for you to remember. For example, my name, Eric Logan becomes rtov;phsm (and before anyone wonders, I am not using this as a password anywhere only for the purpose of this example). It can be made further secure by adding uppercase, numbers and special characters: Rt0v;ph$m. I basically substituted numbers for certain letters, randomly capitalize some letters and added a special character.  It’s far from perfect but strong enough to slow a cybercriminal down. 

Most importantly, do not use the same password for everything. Use a different password for each computer or website that you use, but base it off a variation of the same password creation convention so that you alone can figure it out without having to remember it. One variation might be adding additional letters, numbers and/or characters to beginning, end or middle of the password. For example Rt0v;ph$m would become Rt0v;phSm_fcBK for the password for a Facebook account. You can also non-alphanumeric characters between each character to create a stronger password. Using the earlier example, adding an special character such as an underscore ( _ ) increases the password's length and strength. Rt0v;ph$m now becomes _R_t_0_v_;_p_h_$_m_.

Now that you have created a strong password, you need to protect it. You can easily defeat the whole purpose of creating a strong password if you are careless about keeping it. NEVER share your password with anyone and do NOT write it down and leave it in an open area no matter how well-hidden you think it is. What that means is that you need to stop putting your password on a Post-It note on your monitor or under your keyboard. If you feel that you must write down your password in order to remember it, keep it in a safe place and don't label it as your password.

The bottom-line is that while most cybersecurity professionals agree that passwords are now becoming a lousy way to protect your data, they still provide the first line of defense against unauthorized access to your computer and online accounts. Optimal security is when you pair a strong password with a two-factor authentication process. Ideally, each password should be unique and you shouldn't use the same password for every website you visit. While I just presented one method, you will find that there are multiple methods that people use to create strong passwords. The key is to create a strong password and to keep it safe.