IT for mere mortals - Creating a password not even God could crack
Since IT is implemented in every facet of our lives (what part of our lives has no information?), its paradigms also grow into our lives. One such paradigm is the security measure. Access to services mimics the mechanism of access to a computer: the login procedure.
By now you have probably gotten used to filling in a username and password on various services. There has to be a pair of them because each has its own function and both are needed for proper verification. The username is about authorization while the password is about authentication, which makes it clear why the former need not be discreet while the latter must.
Despite the fact that the password is the weakest security measure in a system, there is still no other more effective way to perform verification. Humans' own weakness in remembering passwords doesn't help much either. Users often recklessly create simple passwords like “password”, “12345”, “admin”, “qwerty”, or a birthday, a lover's name, a pet's name, etc. This renders the entire security setup put in place by the network administrator useless, which could end up costing that very user a great loss.
So how do you create a strong password?
Stop creating passwords, start creating passphrases.
The longer the password, the stronger it is. There's a whole technical proof about this, but for now, trust me. So instead of having “password” as a password, why not have “ihatepassword”?
The advantage is twofold. You now have a longer, hence stronger, password, and it is still something you will easily remember. Perhaps more easily if it is a quote from your favorite song or poem or manual or something like that.
Always have a mix of lower and upper case.
This could be tricky if you only have a single word as your password, because you will have to remember which characters are lower case and which are upper case. Having a phrase for a password more or less solves this. For instance, you can simply decide that the first word is lower case, the second upper case, and so on in turns. So from “ihatepassword” we now have “iHATEpassword”.
Change characters resembling a number to that number
The character O resembles zero, E resembles 3, A resembles 4, S resembles 5, and i resembles 1. So from “iHATEpassword” we now have “1H4T3p455w0rd”.
By now you are proficient in creating a strong password that is not only easily remembered but also easily transferred. If you wish to share the password with, say, your teammate at work, you can shout the original phrase out loud across the hall, provided the whole team knows the rules. People who think you are an idiot for doing that and try to use the password are in for eternal puzzlement.
Bonus tip for the paranoid ones.
You can heighten the security level of your already strong password even further:
Change characters resembling a symbol to that symbol
The character a resembles the symbol @, and 5 resembles $. So from “1H4T3p455w0rd” we now have “1H@T3p@$$w0rd”.
Beware, though: not all systems accept symbols among the password characters. And yes, such a system is clearly not a safe one.
Break the rules laid out in this article.
If you follow everything said here religiously, you're only safe from people who don't read this article, which is something I intend to sabotage. Hey... I'm trying to make a living, or at least be famous, here!
A password is about authentication, so be unpredictable. Break some of the rules laid out here, but not to the point where you lose the pattern and are back to having a hard time remembering it. Just make up your own convention, like: only the first character 5 will be changed to $, the rest stay as 5. Be creative.
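The rules above, written out as a short Python sketch (an added example, not code from the original article; the function names and the checker that undoes the substitutions are assumptions made for illustration). It rebuilds the article's two passwords and shows that a checker which knows the rules still flags a dressed-up weak word such as “P@$$w0rd”, while the longer phrase is not on the weak list.

```python
# Added illustration; all names here are hypothetical, not from the article.
DIGITS = {"o": "0", "e": "3", "a": "4", "s": "5", "i": "1"}  # number rule
SYMBOLS = {"a": "@", "s": "$"}                               # bonus symbol rule
WEAK = ["password", "12345", "admin", "qwerty"]              # the article's bad examples


def build(words, symbols=False):
    """Apply the article's rules to the words of a passphrase."""
    # With the bonus rule on, @ and $ take the place of 4 and 5.
    table = {**DIGITS, **SYMBOLS} if symbols else DIGITS
    parts = []
    for n, word in enumerate(words):
        # Case rule: first word lower case, second upper case, and so on in turns.
        cased = word.upper() if n % 2 else word.lower()
        # Substitution rule: replace look-alike characters, whatever their case.
        parts.append("".join(table.get(c.lower(), c) for c in cased))
    return "".join(parts)


# Reverse table: every digit or symbol back to the letter it stands for.
UNDO = {v: k for table in (DIGITS, SYMBOLS) for k, v in table.items()}


def normalize(password):
    """Undo the substitutions and the case mixing, as a strength checker would."""
    return "".join(UNDO.get(c, c) for c in password).lower()


def is_predictable(password, weak=WEAK):
    """True if the password is only a known weak word dressed up with the rules."""
    # The weak list is normalized too, so "12345" still matches itself.
    return normalize(password) in {normalize(w) for w in weak}


if __name__ == "__main__":
    phrase = ["i", "hate", "password"]
    print(build(phrase))                       # number rule only
    print(build(phrase, symbols=True))         # number and symbol rules
    for candidate in ("P@$$w0rd", "4dm1n", build(phrase, symbols=True)):
        print(candidate, "predictable" if is_predictable(candidate) else "not on the weak list")
```

A site's sign-up form can run the same kind of check before accepting a new password.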
Now go change ALL your passwords…