According to various Internet security sources the most commonly used password on the Internet is 123456 closely followed by password.
When Adobe got hacked and the passwords were published online, the top 10 passwords used were.
Passwords are important! Although you may be in a rush when you register for an online service or create a new email account, you need to give some very careful thought to your password.
When choosing a password you need to take into account a few important facts regarding best practices and the password rules that are commonly employed.
Most online services (including email) will impose restrictions on the Password length, and the characters you can, and cannot use.
e.g. minimum length of 6 characters and maximum of 16, at least one upper case character and at least one number.
A special character may be required and some special characters like ! / may be excluded, so have a backup character.
Some services will also force periodic password changes.
It is good practice to:
- Use a different password for each online account/service/email address.
- Change passwords frequently.
- Use a mixture of characters, numbers, upper case, and special characters in the password if possible.
- Use a minimum of 8 characters
It isn’t a good idea to:
- Use nouns or any word found in a dictionary – English or foreign
- Use personal information e.g. children’s names and date of birth
- Use key sequences like qwerty
Methods for Choosing Secure and Easy to Remember Passwords
When choosing a password it is a good idea to use a procedure or method to select a secure and yet easy-to-remember password.
Randomly generated passwords are very secure but not easy to remember, which usually means that you will have to write them down or that you will forget them.
Here are two methods that I use when creating new email and account passwords:
Choose a phrase or saying that has some meaning to you, e.g. a phrase from a book, a famous quote, or a nursery rhyme.
Example: the nursery rhyme Humpty Dumpty. The first two lines are:
Humpty Dumpty sat on a wall,
Humpty Dumpty had a great fall.
Now just use the first letters of each word and you get
Now you need to capitalise and add numbers and special characters.
For numbers you could use a number that has special meaning, like an old street address, and for capitals have a rule such as capitalising each vowel, each A, or each first vowel.
So let's say:
- our number is 2
- our capital rules are to capitalise each third letter
- our special character is * or %
- For simplicity our numbers and special characters will go at the end of the password
So we could use a password of
You can check the strength of this password using online tools like the one found at passwordmeter.com.
This method requires that you choose two to three words that mean something to you but are unrelated.
e.g. perhaps you like to go on holiday in France, love cakes,
So we could start with the base
then we capitalise
and now add numbers and special characters.
Again you need to establish rules of where you will place the numbers and special characters and what to do if your preferred special character isn’t allowed.
In the above example we could use the number instead, i.e. 7, or use the next special character on the keyboard, which is *.
So our password would be either pArIs17tArt or pArIs1*tArt.
This one isn’t as strong mainly due to the password length. Generally length is more important than complexity.
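The first method and the point about length can be worked through in code. This is an added Python example, not part of the original article: the function names are hypothetical, "capitalise each third letter" is read as positions 3, 6, 9 and so on, and the bit figure is a simple character-pool upper bound rather than a real strength measure.

```python
import math
import string

RHYME = "Humpty Dumpty sat on a wall, Humpty Dumpty had a great fall."  # from the page


def acronym(phrase):
    """First letter of each word, lower-cased, punctuation ignored."""
    words = (w.strip(string.punctuation) for w in phrase.split())
    return "".join(w[0].lower() for w in words if w)


def capitalise_every_third(base):
    """Capitalise characters 3, 6, 9, ... (assumed reading of the page's rule)."""
    return "".join(c.upper() if i % 3 == 0 else c
                   for i, c in enumerate(base, start=1))


def build_password(phrase, number, specials, excluded=""):
    """Acronym, capitals, then the number and a special character at the end."""
    # Fall back to the next preferred special character if the service bans one.
    allowed = [s for s in specials if s not in excluded]
    if not allowed:
        raise ValueError("every preferred special character is excluded")
    return capitalise_every_third(acronym(phrase)) + str(number) + allowed[0]


def search_space_bits(password):
    """Upper bound on brute-force effort: length * log2(characters in the classes used).

    Real passwords built from words or patterns are guessed far sooner than this.
    """
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    pool = sum(len(cls) for cls in classes if any(c in cls for c in password))
    return len(password) * math.log2(pool) if pool else 0.0


if __name__ == "__main__":
    candidates = [
        build_password(RHYME, 2, "*%"),                # preferred special allowed
        build_password(RHYME, 2, "*%", excluded="*"),  # service rejects "*"
        "pArIs1*tArt", "pArIs17tArt",                  # method-two results from the page
    ]
    for pw in candidates:
        print(f"{pw:<16} length={len(pw):>2}  <= {search_space_bits(pw):.0f} bits")
```

The 14-character rhyme password has a larger search space than either 11-character variant, and swapping the special character for a digit shrinks the bound only slightly compared with losing three characters of length.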
Handling Multiple Passwords
It is also recommended that you have a different password for each online service/email account that you use.
This requirement makes choosing a password very difficult without a system, and even with a system in place it isn’t easy.
The method I use is to create a password using one of the methods above and to add characters to the end or beginning based on the service name.
So the format is service name + base password
e.g. if my base password was 123456 then for my Gmail account the password becomes:
If you have many online accounts then I would suggest you create several base passwords.
Here is a very useful video explaining the principles
When I first wrote this article I didn’t even consider this method as I was always taught to choose random characters as it was more secure.
However, as this article correctly points out, the password length is what makes a password secure.
Read the tutorial; it is very informative.
Browsers and Password Managers
All modern web browsers have built-in password managers which will remember passwords to sites that you visit and that require a username/password.
These are easy to use and save a lot of time but they aren’t very secure.
If you have asked the browser to remember the password then you can log in to the site without needing to enter the username and password yourself.
The problem with this is that anyone with access to your computer can access the sites as well without needing to enter the username and password.
In addition, both Firefox and Google Chrome store the passwords in plain text, which you can access.
On Chrome, go to options and settings, then advanced settings.
Select manage password and you are presented with a list showing the website name/address, user name and password (hidden). Select the one you are interested in and click the show password button.
Firefox offers an additional security layer in the form of a master password that you need to enter to unlock the other passwords.
It isn’t enabled by default.
Go to Tools > options > security and enable use master password.
Enter a password for the master password. This must be secure as it protects your other passwords.
Writing Passwords Down
Well I must confess I do it, and I know I shouldn’t. I never actually write the password, but a memory aid to the password.
The surprising truth is that there are many people who are happier writing them down.
So much so that a simple paper Log Book (Password Organizer) is in the Amazon best seller list and has been in the top 100 for over 1000 days.
If you do use it then use the memory aid rather than the actual password, and keep your book safe.