Les Ey on the Web

Tech Tips: Passwords

Wait! If you think your password is okay, then it probably isn’t. That’s even if you have followed the advice on choosing a good password. I’ve worked in IT for over 20 years, so I should know all about security, but I’ve been a victim of malware and credit card fraud. I’ve had my Facebook account and my website hacked, and I’ve also had sophisticated scam emails that nearly fooled me, though I’d like to think I’m pretty good at spotting them.  

You need a secure password for your social media accounts, email account, financial accounts, and your website. They need to be unique for all your important accounts. Moreover, you must change them regularly. (Perhaps every six months). 

So what is a good password? Is g00dpw123 okay? According to https://www.security.org/, it would take only 42 minutes for a brute-force attack to crack it. Okay, is #3L1P98^ better? It’s worse, that would take 19 minutes.  

A good password should be very long (20+ characters) and easy to remember. One way is to use a password manager like 1password or to use three unrelated words and spaces. 

e.g. ‘lavender bathtub cabbage’ would take four sextillion years (but don’t use that one because its visible on this website and hackers could add it to their dictionary.) 

It’s a good idea to change your password regularly because of data breaches, e.g., according to monitor.firefox.com hackers stole my passwords from Daily Motion, Myspace, and Last.fm; (and that is just the known ones).  

See How to Create a Strong Password (and Remember It) for more details. 

Be careful online! 

Les 

Edited June 2020

There are several things I neglected to mention; one is that you should use a password manager. Password managers make it easy to create and store secure passwords, e.g. Dashlane or LastPass. With a password manager, you only need to remember one password. Another good idea is to use two-factor authentication when it is available. Also, make sure you provide an email or phone number to online accounts so that you can reset your password if it is lost.
The article 14 Ways to Create a Secure Password in 2020 (That you’ll Remember) has some other good points about passwords.

Another tool that evaluates the strength of passwords is Password Meter – How Secure is my Password?

Views: 29

Les