Issue 60 - September 2009

How to Create a Good Password

By Clevin Wong

A good password is easy to remember but hard to
crack. It should be long (at least 8 characters, 14 characters
or longer is ideal), complex (include a combination of uppercase
and lowercase letters, numbers, and symbols), difficult to guess
(appear to be totally random to anyone except you), and easy for
you to remember.
With all these requirements, it may seem difficult
to create a good password that satisfies all of the criteria. Fortunately,
it is not so difficult. There are some simple steps one can take
to create a strong and memorable password:
- Make up a unique phrase which is easy
for you to remember but difficult for others to guess.
Avoid using common phrases, idioms or quotations because a password
cracking program can look them up in dictionaries or quotation
databases. In general, the longer the phrase, the stronger your
password can be; but make sure it will not be too long for you
to remember. For example, you can use a phrase like "Ken
and I go to Causeway Bay to buy a new digital camera".
- Take the first letter of each word
of the phrase to create a unique and nonsensical word.
Using the example above, you will get “KaIgtCBtbandc”.
- Add complexity by mixing uppercase and lowercase letters
and numbers. Your password should include a combination
of uppercase letters, lowercase letters and numbers. You can also
use some letter swapping or misspellings to increase the complexity.
Using the example above, you can (1) substitute “K” with “k”;
(2) substitute “t” with “2”; and (3) substitute “dc” with “DC”.
Hence, you will get “knIg2CB2banDC”.
- Add complexity by adding some symbols. You
can insert some symbols to make the password more complex if you
think the above is not good enough. Of course, you need to check
what symbols are allowed in your password first. For example,
you can (1) substitute “C” with “(”; (2) substitute “a” with “@”;
and (3) append “!” at the end. Finally, you will get “knIg2(B2b@nD(!”
as your password.
The string “knIg2(B2b@nD(!”
is a good password because it is long (14 characters), complex
(with uppercase letters, lowercase letters, numbers and symbols),
hard for others to guess, and easy for you to remember. Finally,
though it is a good password, don’t use the same password for
all your accounts and don’t ever write them down in clear text.
You should apply the above steps to create different passwords
for the accounts of different applications or services, e.g.
e-Banking, work related, social networking, etc.
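
The length and complexity criteria above can be checked mechanically. The following is an added example, not part of the original article: it derives the initials from the example phrase and scores the three strings the article arrives at after steps 2, 3 and 4. The function names `initials` and `assess` are assumptions made for this illustration.

```python
import string

# Thresholds taken from the article: at least 8 characters, 14 or more is ideal.
MIN_LENGTH = 8
IDEAL_LENGTH = 14


def initials(phrase):
    """Step 2: take the first letter of each word of the phrase."""
    return "".join(word[0] for word in phrase.split())


def assess(password):
    """Check a candidate against the article's length and complexity criteria."""
    classes = {
        "uppercase": any(c in string.ascii_uppercase for c in password),
        "lowercase": any(c in string.ascii_lowercase for c in password),
        "number": any(c in string.digits for c in password),
        "symbol": any(c in string.punctuation for c in password),
    }
    return {
        "length": len(password),
        "meets_minimum": len(password) >= MIN_LENGTH,
        "meets_ideal": len(password) >= IDEAL_LENGTH,
        # Character classes the article asks for that are still absent.
        "missing": [name for name, present in classes.items() if not present],
    }


if __name__ == "__main__":
    phrase = "Ken and I go to Causeway Bay to buy a new digital camera"
    print("initials:", initials(phrase))
    # The strings as printed in the article after steps 2, 3 and 4.
    for candidate in ["KaIgtCBtbandc", "knIg2CB2banDC", "knIg2(B2b@nD(!"]:
        print(candidate, assess(candidate))
```

Only the final string reaches the ideal length and covers all four character classes; the checks say nothing about how guessable the underlying phrase is.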