Guide to Protecting Online Identity. How to Create Strong Passwords?

Ultimate Guide for Creating Strong Passwords

Tips to protect your online identity by using strong passwords.

Big companies spend millions of dollars to keep customer data secure. At the same time, we as customers and users sometimes ignore warnings and suggestions just to make passwords easy to remember.

We sometimes keep the same password across social media and online banking accounts for the same reason. Then some of us wonder how it is possible that someone could break in and steal personal data so quickly and from so many accounts.

The goal is to get users to choose better passwords. The problem is that as creative as humans are, we are way too predictable. Try to make a list of totally random words and inevitably some sort of pattern will emerge in your list. That pattern is the easiest thing to exploit, and it is exactly what hackers sometimes use to break a password in the first place. Selecting good passwords requires education.

Passwords provide the first line of defense against unauthorized access to your computer. The stronger your password, the more protected your computer will be from hackers and malicious software.

What is a password?

A password is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource (example: an access code is a type of password).

Despite the name, there is no need for passwords to be actual words; indeed passwords which are not actual words may be harder to guess, a desirable property. Some passwords are formed from multiple words and may more accurately be called a passphrase. The term passcode is sometimes used when the secret information is purely numeric, such as the personal identification number (PIN) commonly used for ATM access. Passwords are generally short enough to be easily memorized and typed. (Source: https://en.wikipedia.org/wiki/Password)

Let’s see what some of the biggest companies in the market recommend for protecting your personal data.

How to create strong passwords?

A strong password is an important protection to help you have safer online transactions.

Ways to create a long, complex password:

  • Length. Make your passwords long with eight or more characters.
  • Complexity. Include letters, punctuation, symbols, and numbers. Use the entire keyboard, not just the letters and characters you use or see most often. The greater the variety of characters in your password, the better. However, password hacking software automatically checks for common letter-to-symbol conversions, such as changing “and” to “&” or “to” to “2.”
  • Variation. To keep strong passwords effective, change them often. Set an automatic reminder for yourself to change your passwords on your email, banking, and credit card websites about every three months.
  • Variety. Don’t use the same password for everything. Cybercriminals steal passwords on websites that have very little security, and then they use that same password and user name in more secure environments, such as banking websites.

Some or all of the above might help protect your online transactions.

Suggestions that might help you remember it easily:

  • Start with a sentence or two. Example: Complex passwords are safer.
  • Remove the spaces between the words in the sentence. Example: Complexpasswordsaresafer.
  • Turn words into shorthand or intentionally misspell a word. Example: ComplekspasswordsRsafer.
  • Add length with numbers. Put numbers that are meaningful to you after the sentence. Example: ComplekspasswordsRsafer2011.

Avoid common password pitfalls

Cyber criminals use sophisticated tools that can rapidly decipher passwords.

Avoid creating passwords that use:

  • Dictionary words in any language.
  • Words spelled backwards, common misspellings, and abbreviations.
  • Sequences or repeated characters. Examples: 12345678, 222222, abcdefg, or adjacent letters on your keyboard (qwerty).
  • Personal information. Your name, birthday, driver’s license, passport number, or similar information.

Tips for creating a strong password from Microsoft.
(http://windows.microsoft.com/en-US/windows-vista/Tips-for-creating-a-strong-password)

You should make sure you have strong passwords for all accounts on your computer. If you’re using a corporate network, your network administrator might require you to use a strong password.

What makes a password strong (or weak)?

A strong password:

  • Is at least eight characters long.
  • Does not contain your user name, real name, or company name.
  • Does not contain a complete word.
  • Is significantly different from previous passwords.
  • Contains characters from each of the following four categories:

      • Uppercase letters: A, B, C
      • Lowercase letters: a, b, c
      • Numbers: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9
      • Symbols found on the keyboard (all keyboard characters not defined as letters or numerals) and spaces: ` ~ ! @ # $ % ^ & * ( ) _ - + = { } [ ] | : ; " ' < > , . ? /

A password might meet all the criteria above and still be a weak password.

How to choose a strong password – simple tips for better security

http://youtu.be/VYzguTdOmmU

Password best practices, created by NASA:

It should contain at least eight characters

It should contain a mix of four different types of characters – upper case letters, lower case letters, numbers, and special characters such as !@#$%^&*,;” If there is only one letter or special character, it should not be either the first or last character in the password.

It should not be a name, a slang word, or any word in the dictionary. It should not include any part of your name or your e-mail address.

Following that advice, of course, means you’ll create a password that will be impossible to remember, unless you try a trick credited to security guru Bruce Schneier: turn a sentence into a password.

For example, “Now I lay me down to sleep” might become nilmDOWN2s, a 10-character password that won’t be found in any dictionary.

Can’t remember that password?

Schneier says it’s OK to write it down and put it in your wallet, or better yet keep a hint in your wallet.

Just don’t also include a list of the sites and services that password works with.

Try to use a different password on every service, but if you can’t do that, at least develop a set of passwords that you use at different sites.

Password tips from Google.

(https://accounts.google.com/PasswordHelp)

Tips for creating a secure password:

  • Include punctuation marks and/or numbers.
  • Mix capital and lowercase letters.
  • Include similar looking substitutions, such as the number zero for the letter ‘O’ or ‘$’ for the letter ‘S’.
  • Create a unique acronym.
  • Include phonetic replacements, such as ‘Luv 2 Laf’ for ‘Love to Laugh’.

Things to avoid:

  • Don’t reuse passwords for multiple important accounts, such as Gmail and online banking.
  • Don’t use a password that is listed as an example of how to pick a good password.
  • Don’t use a password that contains personal information (name, birth date, etc.)
  • Don’t use words or acronyms that can be found in a dictionary.
  • Don’t use keyboard patterns (asdf) or sequential numbers (1234).
  • Don’t make your password all numbers, uppercase letters or lowercase letters.
  • Don’t use repeating characters (aa11).

Tips for keeping your password secure:

  • Never tell your password to anyone (this includes significant others, roommates, parrots, etc.).
  • Never write your password down.
  • Never send your password by email.
  • Periodically test your current password and change it to a new one.

As you can see, some of the rules and tips repeat, and this makes sense: the harder a password is to guess, the harder it is to break.

Complex passwords combining letters and numbers, such as passw0rd (with the “o” replaced by a zero), abc123 or Hello2U!, meet the complexity rule but are very easy to guess and therefore insecure. H3ll0 2 U! is a stronger alternative because it replaces some of the letters in the complete word with numbers and also includes spaces.

“Worst Passwords” of 2011 revealed. The 30 most popular weak passwords:

1. password

2. 123456

3. 12345678

4. qwerty

5. abc123

6. monkey

7. 1234567

8. letmein

9. trustno1

10. dragon

11. baseball

12. 111111

13. iloveyou

14. master

15. sunshine

16. ashley

17. bailey

18. passw0rd

19. shadow

20. 123123

21. 654321

22. superman

23. qazwsx

24. michael

25. football

26. iloveyou

27. princess

28. rockyou

29. abc123

30. And of course the all-time favorite bad word and its variations, e.g. f***you (sorry, but it is very common and not secure)
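The rules quoted in this guide and the list above can be combined into one check that shows why a password can satisfy the length and character-category rules and still be weak. This is an added example, not code from this page or from the vendors it quotes; it applies the eight-character, four-category, user-name, sequence and repeat rules, then looks the password up in the worst-password list after undoing common substitutions. The substitution table, the sequence strings and the three-repeat threshold are assumptions of this example.

```python
import re
import string

# Deny list: entries copied from the "worst passwords" list on this page.
WORST = {"password", "123456", "12345678", "qwerty", "abc123", "monkey",
         "1234567", "letmein", "trustno1", "dragon", "baseball", "111111",
         "iloveyou", "master", "sunshine", "passw0rd", "shadow", "superman",
         "qazwsx", "football", "princess", "rockyou"}
# Letter-to-symbol swaps to undo before the lookup (table constructed here).
LEET = str.maketrans("0134578$@", "oleastbsa")
# Runs that count as keyboard or alphabet sequences (constructed here).
RUNS = ("abcdefghijklmnopqrstuvwxyz", "0123456789", "qwertyuiop", "asdfghjkl")


def variants(pw):
    """Lower-cased forms of pw with edge padding trimmed and swaps undone."""
    base = pw.lower()
    trimmed = (base, base.strip(string.punctuation + " "),
               re.sub(r"^[^a-z]+|[^a-z]+$", "", base))
    return {v for t in trimmed for v in (t, t.translate(LEET)) if v}


def check_password(pw, username=""):
    """Return a list of reasons pw is weak; an empty list means none found."""
    problems = []
    if len(pw) < 8:
        problems.append("shorter than eight characters")
    classes = (str.isupper, str.islower, str.isdigit,
               lambda c: not c.isalnum())
    if not all(any(test(c) for c in pw) for test in classes):
        problems.append("missing one of the four character categories")
    if username and username.lower() in pw.lower():
        problems.append("contains the user name")
    low = pw.lower()
    if any(low[i:i + 4] in run for run in RUNS for i in range(len(low) - 3)):
        problems.append("contains a keyboard or alphabet sequence")
    if re.search(r"(.)\1\1", pw):  # assumption: flag runs of three or more
        problems.append("repeats a character three or more times")
    if variants(pw) & WORST:
        problems.append("variant of a known worst password")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs, not real credentials.
    for sample in ("Passw0rd!", "abc123", "Qwerty12345!"):
        print(sample, "->", check_password(sample) or "no problems found")
```

An empty result only means none of these particular checks fired; it does not prove the password is strong.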
