Security is a compromise between inconvenience and
So too is choosing a password - but there are some easy wins.
Simple passwords are so insecure that the risk to anything important is unacceptable (see below for a blacklist of features that render password insecure) . The ideal "strong" password is a seemingly random combination of letters, numbers and symbols chosen from across the complete spectrum of available characters.
Such a word may seem to be unmemorisable, and so will be written down, thus compromising the very security that it was intended to provide. But this need not be the case.
The mnemonic solution is widely accepted as a good method to
provide a memorable 'strong' password.
|Construct your password between 8 and 12
characters long by using the letters of a phrase.
"One apple a day keeps the Doctor away" (1aadktDa) would be an example, but is too common a phrase to be secure.
Instead, pick something meaningful to you, like:
You will note that very little effort has been required to construct a password that meets the 'best practice' rule that it must contain characters from at least 3 of the following 4 classes:
- Upper case letters
A, B, C, … Z
- Lower case letters
a, b, c, … z
0, 1, 2, … 9
- Non-alphanumeric characters
(note that some systems may not accept non-alpha characters)
Writing passwords down
For maximum security you should not write a password down. But if you feel you really do need to keep a record of your password, hide it in a place that's easy for you to find, but in a form or context that makes it all but impossible to identify as a password. For example: let's say you selected your childhood address as your phrase you could place an entry in your address book using your late maternal grandmother's name and the childhood address. This will provide a clue easily recognized by you alone.
|The following, when use in passwords, whether
or not they have other words added to them, are considered to be
"simple to hack", either by using brute force or from a little
bit of personal knowledge.