Let me start by admitting a dirty little secret: until recently I was guilty of being a password re-user. I had one “OK-ish” password that I used for many, if not most, of the things I needed to log in to. The problem with this, of course, is if any one website I have logged into is hacked, my password to all the other websites is also hacked. Once the hackers get a known good password associated with your email address, they will try it over and over again on other sites looking for ways to make money (or steal) using your information.
Even if they have no initial success, they will hold on to that information and periodically come back and try that user name / password combination again and again.
The best way to reduce the risk of being “hacked” is to use strong passwords and unique passwords for each and every thing you need to log in to. This article will discuss (briefly) what qualifies as a “strong” password, ways to make a strong password you can remember, and how to keep a bunch of strong passwords organized.
What constitutes a “strong” password?
There is no industry standard for what makes a strong password, however there are guidelines we can use to make our passwords as strong as possible.
Password Length: 12 characters should really be the minimum used and 16 characters would be better.
No part of your user name (or e-mail address) should be in your password (i.e. JoeJones1234! )
Passwords should contain at least 3 of the following things: UPPER CASE letters, lower case letters, numbers (0-9), special characters (~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/)
It is possible to follow these guidelines and still make a marginal password. “BigHouse$123” fits the requirements here. It’s 12 characters and includes upper-case letters, lower-case letters, a symbol, and some numbers. But it’s fairly obvious—it uses words found in the dictionary and each word is capitalized properly. There’s only a single symbol, all the numbers are at the end, and they’re in an easy order to guess.
“B1gH0u$e#123” Would be better.
How to make a strong password you can remember:
With the tips above, it’s pretty easy to come up with a password. Just bash your fingers against your keyboard and you can come up with a strong password like 3o(t&gSp&3hZ4#t9. That’s a pretty good one—it’s 16 characters, includes a mix of many different types of characters, and is hard to guess because it’s a series of random characters.
The only problem here is memorizing this password. Assuming you don’t have a photographic memory, you’d have to spend time drilling these characters into your brain. There are random password generators that can come up with this type of password for you - they’re generally most useful as part of a password manager that will also remember the passwords for you.
You’ll need to think about how to come up with a memorable password. You don’t want to use something obvious with dictionary words, so consider using some sort of trick to memorize it.
For example, you might find it easier to remember a sentence like “I write a blog for my website. I need to update at least 3 times a month.” You can turn that sentence into a password by using the first digits of each word, so your password would become IwabfmwIn2u@l3tam. This is a strong password at 17 digits. Sure, a true random password might include a few more numbers and symbols and upper-case letters scrambled around, but it’s not bad at all. Best of all, it’s memorable. I just need to remember those two simple sentences.
How am I supposed to remember different passwords for different things?
You can simply write them down on a notepad and keep them next to your computer. This works well and is very secure from ONLINE hacking, however is vulnerable to other people who have access to your space.
There are preprinted password “address books” that take the notepad method one step further with more organization. I have included a link to an inexpensive one at Amazon.
The better method (in my opinion) is to use a Password Manager. This is some kind of software based solution that will keep track of your password for you, even enter them for you when you get to the login pages you use. They will help you create very strong passwords for each site.
If you have a Google Account (and if you have Gmail address you have a google account), Google has a free built in password manager that will do all of these thing for you as long as you use Google Chrome as your web browser (or one of the browsers that uses the Google Chrome engine as its base).
There are also other commercial products available that will manage and generate passwords for you as well as provide other security related things (Virtual Private Networks, Online “Wallets” that save credit card information to make it easier to shop online, etc…)
I have listed below several of the top password managers available at the beginning of 2022.
KEEPER - $2.91 / Month or $34.99 / Year for 1 User. $6.24 / Month or $74.99 / Year for 5 Users
ZOHO Vault - Has a “Free Forever” plan that is fairly robust, and a $0.90 / Month ( $10.80 / Year ) plan with plenty of features. ZOHO offers dozens of other applications as well (for added costs).
Dashlane - Has a “Free” plan that lets you store up to 50 passwords on 1 device, a “Premium” plan ($6.49 / Month or 59.88 / Year) for unlimited passwords on unlimited devices (you can put it on your phone and your computer, and your tablet …..) with some other features thrown in. There is also a family plan.
LastPass••• - Has a “Free” plan that lets you store unlimited passwords on 1 device, a “Premium” plan ( $36.00 / Year) for unlimited devices with some other features. There is also a family plan.
Other good options Bitwarden, Password Boss, 1Password