Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
When asked why she had such a long password, she rolled her eyes and said: "Hello! It has to be at least 8 characters long and include at least one capital."
This seems like a good place to discuss the idea for folks that aren't sure how to create good passwords.
Good Password methods:
Pick your word and replace some of the characters with numbers that look so similar it is easy for you to remember.
and capitalize the first or last letter.
Example:
Use the word "northeast"
N0rthe4st
"speaker"
sp34k3R
This seems like a good place to discuss the idea for folks that aren't sure how to create good passwords.
Good Password methods:
Pick your word and replace some of the characters with numbers that look so similar it is easy for you to remember.
and capitalize the first or last letter.
Example:
Use the word "northeast"
N0rthe4st
"speaker"
sp34k3R
Anyone have other tips?
Yep. Pick your secret word. It is NOT you mother's maiden name, but it COULD be the street your grandmother lived on or the town your cousin lives in. Then scramble it up like Peregrine suggested. Now add some numbers to it to indicate the month, like 04 for April and vary where the numbers are placed, sometimes in the middle and sometimes at the end.
With the month indicated, you can change your password when the paranoid network administrators think you should and still be able to remember what it is without writing it down (which violates Rule #1 about passwords). All you have to remember is what your own secret magic word is.
The two tips I'd add are to make it as long as possible (a phrase is better than a word) and add non alpha characters to the letters and numbers. Something like: "My_d0g 1$ br0wn-and-furry" is easy to remember, but fairly hard to crack with brute force methods.
One of the software packages that I write has an industry certification requirement for strong password mechanisms that include: no less than 8 characters, upper and lower case, numbers, and non alpha numeric characters (!@#$%^_- etc.)
We also require changing passwords every 90 days, and are not allowed to reuse the last 3 passwords that were used (meaning that you have to have at least 4 unique passwords over the course of a year).
This is not to detract from the tips above as they are very good/valid tips. But do keep in mind that many password crackers (or dictionary files, actually) do take into account the popular substitutions (i.e 3 for e, ! for 1, 0 or o, etc.). This isn't' to say they are worthless, but just as security in general, you need to apply them in layers. i.e. using "Fido" as a password and just substituting the i and o with ! and zero isn't going to do a whole lot since the password picked initially isn't the best choice (and many dictionary files will have those variations for common terms/words).
passhrases incorporating the other factors mentioned is what I would also recommend.
Another method is to use patterns on the keyboard.... i.e. 1qaz$R%T^Y - which is basically going down the column of the key board from 1, then hitting 4R, 5T, 6Y (each letter is simply the key beneath the number) with the shift key down.
Of course, as technology continues to move, I think the ability to support multi-factor for even the most basic I&A is the way to go.
Passwords are like any other kind of security, anything is beatable it is just a matter of how much time it takes to do it. We can use long passphrases which are easy to remember but can be hard to enter if you suck at typing. I hate trying to explain the password requirements to non-technical people because they sometimes have trouble understanding what they can and can't use.
Quote:
Originally Posted by plwhit
Do what I did, "they" wanted a strong password?
(password edited out so I don't get slapped for trying to beat the cursing filter again)
Then I wrote it on a paste-it and put it on my wall....
In case you are wondering, your tech support probably could have retrieved your data but once they saw your password they did not bother. They probably were thinking the same thing about you once they read your password.
Then I wrote it on a paste-it and put it on my wall....
LOL!
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.
Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
