How to choose a good password

What you must not choose as a password

Probably the most important decision is what to avoid: anything you have a personal “relationship” with. In particular, you must not choose

  • names of wife, friends, children, pets etc.
  • names of characters from books, plays, movies etc.
  • birthdays of yourself, your wife & children etc.

It is also a good idea to avoid any word that can be found in a dictionary. Electronic dictionaries exist for almost all languages, and password cracking programs make use of them.

How to choose a good password

Any password should match the following rules:

  • easy to remember for you
  • impossible to guess for anybody else
  • contain
    • lower case letters
    • upper case letters
    • at least one number
    • at least one special character (e.g. “&”)

There are several techniques for developing a password. The two most common ones are explained below:

  1. Take a short sentence (e.g. lyrics from a song you know) and make the password by taking the first character of every single word.

    Sentence: I like ice cream very much
    Password: Ilicvm

    You can improve this by putting in a number and a special character.

  2. Take the first half of one word and the second half of another, and link them with a number and a special character.

    First word: garden
    Second word: balloon
    Password: gard2&loon
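
The composition rules and the list of things to avoid can be checked mechanically. The following Python code is an added example, not part of the original page; the word list, names and birthday are constructed sample data, and `check_password` and `birthday_strings` are hypothetical helper names.

```python
import re
import string
from datetime import date
from itertools import permutations

# Constructed sample data (assumptions): a tiny stand-in for a real word list,
# plus names and birthdays the user has a personal relationship with.
WORDS = {"garden", "balloon", "password", "summer"}
NAMES = {"anna", "rex", "hamlet"}
BIRTHDAYS = [date(1984, 3, 12)]

def birthday_strings(d):
    """Digit strings a date is commonly typed as (DDMMYYYY, MMDDYY, YYMMDD, ...)."""
    day, month = f"{d.day:02d}", f"{d.month:02d}"
    variants = set()
    for year in (f"{d.year:04d}", f"{d.year % 100:02d}"):
        variants.update("".join(p) for p in permutations((day, month, year)))
    return variants

def check_password(password, words=WORDS, names=NAMES, birthdays=BIRTHDAYS):
    """Return the list of rules the password breaks; empty means it passes."""
    problems = []
    classes = [
        ("lower case letter", str.islower),
        ("upper case letter", str.isupper),
        ("number", str.isdigit),
        ("special character", lambda c: c in string.punctuation),
    ]
    for label, test in classes:
        if not any(test(c) for c in password):
            problems.append(f"no {label}")

    # Compare letters and digits separately so "Garden1!" or "Anna12.03.84"
    # are still recognised after decoration with other characters.
    letters = re.sub(r"[^a-z]", "", password.lower())
    digits = re.sub(r"\D", "", password)
    if letters in words:
        problems.append("dictionary word")
    if any(name in letters for name in names):
        problems.append("personal name")
    if any(v in digits for d in birthdays for v in birthday_strings(d)):
        problems.append("birthday")
    return problems

if __name__ == "__main__":
    for candidate in ("Ilicvm", "gard2&loon", "Garden1!", "Anna12.03.84", "Gard2&loon"):
        print(f"{candidate!r}: {check_password(candidate) or 'ok'}")
```

Run on the page's own examples, it reports `Ilicvm` as missing a number and a special character and `gard2&loon` as missing an upper case letter; capitalising one letter (`Gard2&loon`) satisfies all four character rules.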

How to handle passwords

  • Do not write them down. A good password is easy to remember and therefore does not need to be written down at all.
  • If you think you have to write it down, do it in a way that nobody else but you can either access it or recognise that the written text is actually a password.
  • Do not tell anybody else your password, including the sysadmin or other technical people within the company (!). No one should ever ask you for your password. If this happens anyway, contact your security officer immediately! By the way: this way of getting hold of passwords is often referred to as “social engineering”.
  • Change your password regularly. That way, anybody who happened to see you typing your password cannot exploit it forever.
  • Make sure that nobody can see your fingers while you enter the password.
  • If you think anybody else knows your password or has seen you typing it, change it immediately.

