path: root/old/published/How To Wiki/choose_strong_pw.txt
Your digital private life has a weak point that can unlock all your secrets -- your password. Whether you use a single-sign-in solution like [http://openid.net/ OpenID], or have separate passwords for every account, your accounts are only as secure as your passwords.

Based on what limited data is available, the vast majority of us choose very poor passwords. A MySpace phishing attack that netted some 34,000 actual user names and passwords [http://www.wired.com/politics/security/commentary/securitymatters/2006/12/72300 revealed] that the number one password was "password1."

While we admire the stab at security -- throwing a number in the mix -- in today's world that's not going to cut it. Here are some tips for choosing a strong password.

**Size matters.** Some sites put restrictions on password length, but whenever possible choose the longest password you feel comfortable remembering.

**Don't rely on the dictionary.** Using a word may make your password easy to remember, but it also makes it vulnerable to a dictionary attack, that is, throwing every word in the dictionary at your account until the attacker finds your password. Making up your own word or using a random series of letters and digits greatly reduces the chances of someone cracking your account.

**Use numbers, capital letters and symbols.** Again, the less human readable the password, the greater the chances no one is ever going to guess it. Throwing a bit of cartoon swearing, like @#$@$%#, in your passwords will make them more difficult to guess.

**Use a password manager for websites.** Applications like [http://agilewebsolutions.com/products/1Password 1Password] for the Mac, or [http://keepass.info/index.html KeePass] or [http://www.roboform.com/ Roboform] for Windows, can create and manage strong passwords for you. One of the key features in all of them is the ability to generate random passwords for websites. That means you can have a very long, totally random password that you don't need to remember. The only catch is that, if you use multiple PCs, you'll need to sync your password manager.

**Use patterns on the keyboard.** Want a random password for optimum security, but can't memorize things? Look at your keyboard and find a pattern; for example, type straight up from the b key: bgt5, and then back down from the 6: 6yhn. Throw a made-up word in the middle, complete with capital letters and a few symbols, and you've got a password no one is likely to guess.

**Type a sentence.** If keyboard patterns don't work for you, try using a short sentence and, instead of spaces between the words, insert symbols and numbers. It's not quite as secure, but it sure beats password1. Bonus points for typing the sentence backwards.
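The length, dictionary and character-class tips above can be turned into a simple checker, and the password-manager tip into a generator. The following is an added example written for this page, not code from the article or from any of the products it names; the wordlist is a constructed stand-in for a real cracking dictionary, and the 12-character and 60-bit thresholds are assumptions chosen for illustration.

```python
import math
import re
import secrets
import string

# Constructed sample of a cracking wordlist; real ones hold millions of entries.
COMMON_WORDS = {"password", "letmein", "monkey", "dragon", "qwerty", "welcome"}


def dictionary_base(pw: str) -> bool:
    """True if the password is a dictionary word, possibly padded with
    leading/trailing digits or symbols (the 'password1' trick)."""
    core = re.sub(r"^[\d\W_]+|[\d\W_]+$", "", pw.lower())
    return core in COMMON_WORDS


def estimate_entropy_bits(pw: str) -> float:
    """Upper-bound entropy: length * log2(size of the character pool used).
    This is optimistic for patterned passwords; it only rewards length and
    the number of character classes (lowercase, uppercase, digits, symbols)."""
    pool = 0
    if any(c.islower() for c in pw):
        pool += 26
    if any(c.isupper() for c in pw):
        pool += 26
    if any(c.isdigit() for c in pw):
        pool += 10
    if any(c in string.punctuation for c in pw):
        pool += len(string.punctuation)
    return len(pw) * math.log2(pool) if pool else 0.0


def assess(pw: str, min_len: int = 12, min_bits: float = 60.0):
    """Return (estimated bits, list of problems). Thresholds are assumptions."""
    problems = []
    if len(pw) < min_len:
        problems.append("short")
    if dictionary_base(pw):
        problems.append("dictionary word")
    bits = estimate_entropy_bits(pw)
    if bits < min_bits:
        problems.append(f"only ~{bits:.0f} bits")
    return bits, problems


def generate_password(length: int = 20) -> str:
    """What a password manager does: draw each character from a CSPRNG."""
    alphabet = string.ascii_letters + string.digits + string.punctuation
    return "".join(secrets.choice(alphabet) for _ in range(length))
```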

==Future Outlook==

In the future, security is going to be an even greater concern, both online and off. As attackers get more sophisticated, users will be forced to do likewise. Fingerprint readers and retinal scanners will be common built-in items on PCs. To log in to sites, your browser will ask the operating system to scan your retina or read a fingerprint before proceeding.

Artwork: I'm a fan of: http://www.flickr.com/photos/fabiovenni/457695833/