Passwords are a necessary evil. They're a pain to create and a struggle to remember - as this comedian hilariously explains. But if you decide to take shortcuts, you make a hacker's job much, much easier.
Fortunately, I know a few tricks to make the whole thing simpler. Before I get to that, though, it's good to refresh your memory on a few ground rules for creating strong passwords. Let's start with the most basic rule:
Don't make the password easy to guess
Whenever there's a big data breach and user passwords are exposed, security companies always make a list of the most common passwords people were using.
Across those lists, the five most common passwords were "123456," "password," "12345678," "qwerty" and "12345."
But weak passwords aren't the only thing to watch out for. Hackers have computers that can "guess" for them. And chances are good that even security-conscious folks might make a common mistake in creating their password.
DARPA released a study not long ago that tracked passwords at a Fortune 100 company and found that about half followed five common patterns. Here are three of the most common patterns found in the study:
- One uppercase, five lowercase and three digits (Example: Komand123)
- One uppercase, six lowercase and two digits (Example: Komando12)
- One uppercase, three lowercase and five digits (Example: Koma12345)
These are just things people do without thinking about them. However, if you create a password that follows any of those patterns, it makes a computer's job a lot easier.
Obviously, you shouldn't use those patterns or anything like them. The same goes for using special dates, names of spouses, children, relatives or pets, or any password using the full name of the service you're making the password for.
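A site or password tool can screen for these habits when a password is chosen. The sketch below is an added example, not code from the study or any product: it checks a candidate against the five common passwords and the three patterns listed above, plus the service-name rule. The function names and the service name "ExampleMail" are made up for illustration, and it assumes the patterns run in the order the examples show (uppercase first, then lowercase, then digits).

```python
# Added example: screen a candidate password against the habits described above.

# The five most common passwords named in the article.
COMMON_PASSWORDS = {"123456", "password", "12345678", "qwerty", "12345"}

# The three patterns from the study, written as runs of character classes:
# U = uppercase, L = lowercase, D = digit (order assumed from the examples).
COMMON_PATTERNS = {
    "U1 L5 D3": "one uppercase, five lowercase, three digits",
    "U1 L6 D2": "one uppercase, six lowercase, two digits",
    "U1 L3 D5": "one uppercase, three lowercase, five digits",
}


def shape(password):
    """Collapse a password into class runs, e.g. 'Komand123' -> 'U1 L5 D3'."""
    runs = []
    for ch in password:
        if ch.isupper():
            cls = "U"
        elif ch.islower():
            cls = "L"
        elif ch.isdigit():
            cls = "D"
        else:
            cls = "S"  # symbols and anything else
        if runs and runs[-1][0] == cls:
            runs[-1][1] += 1
        else:
            runs.append([cls, 1])
    return " ".join(f"{cls}{count}" for cls, count in runs)


def screen(password, service_name=""):
    """Return the reasons a password should be rejected.

    An empty list only means none of these rules fired, not that the
    password is strong.
    """
    reasons = []
    if password.lower() in COMMON_PASSWORDS:
        reasons.append("common password")
    pattern = COMMON_PATTERNS.get(shape(password))
    if pattern:
        reasons.append("common pattern: " + pattern)
    if service_name and service_name.lower() in password.lower():
        reasons.append("contains the service name")
    return reasons
```
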
The strongest password is one that contains a random collection of letters (uppercase and lowercase), numbers and symbols. Of course, that's nearly impossible to remember, but we'll deal with that later on.