Creating strong passwords
Chris Hogan, 4th May 2016, Business
With passwords to remember for almost everything from forums and shopping sites to banking and other financial services it's vital to protect our online identities. Strong passwords are key to this but how can you create them and remember them?
One tip we found for managing lots of passwords was to remember them all - very helpful. But for most people that doesn't come easily, so how do you cope with multiple passwords?
There are two ways that your password can be compromised - the first is for it to be guessed, so it's important to make it difficult to work out.
The second is for someone to find out what your password is, either by watching you in person or by installing software on your PC that can record your keystrokes. For this reason it's important to use different passwords for different systems.
Put those two situations together and it means your passwords have to be hard to guess and different for every system. It's a bit of a tall order - no wonder many people can't be bothered.
But we do have a solution.
Mnemonic passwords
Instead of using a word, think of a sentence or phrase that you won't forget easily - a line from a song perhaps, like "In Penny Lane there is a barber showing photographs". Take the initials and you have "ipltiabsp", which isn't going to be easy to guess.
Mix it up a bit by substituting punctuation marks and capitals to give something like ip!ti@bsP
To make it different for different services, add a two or three character abbreviation for the service you're using. This would give you, for example:
- EBip!ti@bsP - eBay
- ip!ti@bsPYH - Yahoo
- YTip!ti@bsP - YouTube
- ip!ti@GMbsP - Gmail
... and so on. It's important to make them different from each other, otherwise if someone finds out your password for one website they'll have access to all your other accounts.
More than one
It's also worth having more than one personal phrase. You can have one for the services that don't matter that much, like forums, but have different phrases for all your key services - like bank accounts, email or social media.
It's these ones that can cause you a lot of trouble and heartache if someone breaks in, so it makes to have a unique password for each one.
One more thing
It's vital to have anti-virus and firewall software on your computer to prevent malicious programs viruses getting in - if it's a Windows PC, don't rely on the built in package. Although it's improved in Windows 10 it's still not enough and you're strongly encouraged to install another package.
Good anti-virus software will prevent viruses and trojans getting on your system that can copy your keystrokes and steal your passwords. There are free versions of many good packages like Avast, Avira or AVG so you don't necessarily have to pay - we've put some links in the references section below.
It's worth it
It all sounds like a lot of trouble but it's a lot easier than having to change all your bank account details if someone hacks your account.
STOP PRESS!
To underline the importance of this, just as we were filing this story news broke that a batch of 272 million usernames and passwords had been offered to hackers, including gmail, hotmail and yahoo addresses. Gmail, yahoo and hotmail hadn't themselves been hacked, more lesser websites where people had used those emails to login.
But if any of those 272 million people were using the same passwords to login to email they would all now be open to the hackers.
Our advice is to change passwords for any of those accounts straight away - better safe than sorry.
