
Topic: [GUIDE] How to Create a Strong/Secure Password - page 5. (Read 2856 times)

full member
Activity: 168
Merit: 214
WhoTookMyCrypto.com
Using random password generator, like Random Password Generator by Avast.
It generates random passwords, you can set it whether it contains special characters, numbers or small/capital letters.

Good stuff. Personally feel that no password guide would be complete without a section on how to store and use them eg. with a password manager.

Also, wouldn't feel comfortable using an online tool like Avast to generate passwords. Much more comfortable using an offline tool to generate passwords like a password manager, e.g. https://keepass.info/ With KeePass, you can generate strong passwords in 2 simple steps.

Step 1: Select dropdown box
Step 2: Select the strength required of your password
Note: You can also customize what characters are allowed / disallowed in your passwords when they are generated which is handy.



Lastly, using password managers also solves the problem you mentioned of passwords being "hard to memorize".

Interesting read on how password cracking is done: https://arstechnica.com/information-technology/2013/10/how-the-bible-and-youtube-are-fueling-the-next-frontier-of-password-cracking/
Helps you gain insights into unsafe sources of generating your password from.

Stay safe.
legendary
Activity: 2282
Merit: 1344
Every website we use that requires a password (mostly email, crypto exchanges, forum accounts, social media accounts, etc.) requires us to make our password strong and secure. Did you follow them? Or did you create a password that is too short? Common passwords? Well, that is bad practice. Using a strong password will help make our accounts more secure against hackers over the internet.

We first need to know some examples of passwords that aren't advisable or are very common.

A. All of these passwords are very common and you should not use them!

B. Never use passwords that include your personal information such as:
  • Name
  • Date of birth
  • Place of birth
  • Your address
The reason you should never include any of your personal information in your password is that it gives the hacker an advantage: if he/she knows some of your personal info, he/she can easily guess your password by using it.

C. Never use common substitutions:
Examples:
  • D0gH0us3
  • W33kdays
  • IL0v3D0gs
Using these kinds of passwords is really obvious; like D0gs, you just replaced the o with a 0. It can be easy to brute force, just by replacing some common characters with numbers or letters.

Creating your strong passwords
Since we already know what kinds of passwords shouldn't be used, we can now proceed to creating a strong and secure password.
  • Make sure your password is long,
    a mix of capital/small A-Z letters,
    0-9 numbers,
    special characters such as &^$#
    Like S5#A$B1dpqzM^UMk , but this is very hard to memorize.
    How to memorize these kinds of passwords:

  • The sentence method:
    The idea of this method is that you create a password from a random sentence or any sentence created by you.
    Example:
    You take the first 2 characters of each word from the sentence "I Was Born At 2:35pm In The Country Of Germany"
    Result:  IWaBoAt2:InThCoOfGe

  • Using a Passphrase
    A passphrase consists of multiple words; the randomness of each word used to create the passphrase makes it strong.
    Example:
    "Dog in the dark" - The words make sense and are in grammatical order.
    "hulk touch adjourn omega" - The phrase doesn't make sense and is not in grammatical order.
    You can use this password by capitalizing the second character of every word and adding a special character between the words.
    Like hUlk&tOuch$aDjourn@oMega
    You can use the Sentence Method here, for example, taking the first two characters of every word, capitalizing the 2nd character of each word and adding random special characters.
    "hUlk tOuch aDjourn oMega".
    Result :  hU#tO!aD*oM$

  • Using a random password generator,
    Also, wouldn't feel comfortable using an online tool like Avast to generate passwords. Much more comfortable using an offline tool to generate passwords like a password manager, e.g. https://keepass.info/ With KeePass, you can generate strong passwords in 2 simple steps.

    Step 1: Select dropdown box
    Step 2: Select the strength required of your password
    Note: You can also customize what characters are allowed / disallowed in your passwords when they are generated which is handy.



    Lastly, using password managers also solves the problem you mentioned of passwords being "hard to memorize".

    REMOVED the Avast Random Password Generator, since I found that the offline and open-sourced one is much safer.

  • Password Manager
    Using a password manager will help us organize our different passwords for different websites. I suggest using https://keepass.info/; this is an open-source project and free.

    Steps on how to use the KeePass password manager:
    1st, download and install KeePass; you can use the portable version or the installer.
    2nd, once the installation is done, you will be asked for the master password and the location path for the KeePass KDBX file (.kdbx), which you can use as your backup.
    3rd, fill in the fields.

    You can easily copy/paste your password from the different entries you made, just by double-clicking on the password field. The password will be placed on your clipboard and will automatically be deleted after 12 seconds.
    *Make sure you keep your KeePass database safe and remember the master password of the database*
    Thanks whotookmycrypto and OmegaStarScream for this.

    Android Version:
    KeePassDroid
    I just found an Android version of the password manager/password generator which is also open-source and can be used offline.
    The good thing here is that you can import your database file from your KeePass on Windows. They are almost the same.

    Read/write support for .kdb and KeePass 1.x.
    Read/write support for .kdbx and KeePass 2.x.


TIPS
  • Do not share your passwords with anyone.
    Be careful who you trust, never share your password.
  • Use a different password for every account you have.
    Just like on different crypto exchanges, don't use only one password for every exchange you have.
  • Always create long passwords.
    The most recommended passwords contain a minimum of 8 characters or 12 characters.
  • Never upload your passwords to the cloud.
    Avoid storing your passwords online, like storing them on some file hosting services.
  • Always use two-factor authentication (2FA) or multi-factor authentication (MFA).
    This will help make your account more secure, since before you can log-in on a particular website.
  • Be careful of phishing websites.
    No matter how strong your password is, once you fall for a phishing website, it's useless.

Some discussion here: Creating strong password.

Do you have any ideas or tips for making our passwords strong and secure? Feel free to add them by posting below.
Filipino Version: Gabay sa Paggawa ng Malupit at Ligtas na Password

Sources:
How to create a strong password
How to Create a Strong Password (and Remember It)
How to Create a Secure Password
[must read]Tips on creating a secure password[important]
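
The point made in sections B and C of the guide above, as an added example that is not part of the original posts: a password check that undoes common substitutions before comparing against a wordlist and the user's personal details. The function names, the substitution map and the tiny wordlist are assumptions constructed for illustration.

```python
import re

# Common substitutions mapped back to the letters they usually replace
# (assumed mapping; real checkers try several alternatives per character).
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})

# Constructed sample wordlist; a real check would load a large dictionary
# and a list of known-breached passwords.
WORDS = {"dog", "dogs", "house", "week", "days", "love", "i"}


def normalize(password):
    """Lower-case the password and undo common substitutions."""
    return password.lower().translate(LEET)


def splits_into_words(text, words=WORDS):
    """True if text is entirely a concatenation of dictionary words."""
    reachable = [True] + [False] * len(text)
    for end in range(1, len(text) + 1):
        reachable[end] = any(reachable[start] and text[start:end] in words
                             for start in range(end))
    return bool(text) and reachable[len(text)]


def weaknesses(password, personal=()):
    """Return the reasons to reject a password (empty list if none found)."""
    found = []
    plain = normalize(password)
    if splits_into_words(plain):
        found.append("dictionary words with common substitutions")
    for item in personal:
        # Compare on letters and digits only, so "New York" matches "newyork".
        token = re.sub(r"[^a-z0-9]", "", item.lower())
        if token and (token in plain or token in password.lower()):
            found.append("contains personal information: " + item)
    return found


if __name__ == "__main__":
    for candidate in ("D0gH0us3", "W33kdays", "IL0v3D0gs", "S5#A$B1dpqzM^UMk"):
        print(candidate, weaknesses(candidate))
    print("B3rl1n2024", weaknesses("B3rl1n2024", personal=("Berlin",)))
```
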
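
Offline generation as discussed in both posts above (a random password with selectable character classes, and a passphrase of random words), shown as an added example that is not KeePass's code or part of the original posts. It uses Python's `secrets` module; the function names and the short wordlist are assumptions constructed for illustration, and the entropy figure is an estimate that assumes every pick is uniform and independent.

```python
import math
import secrets
import string

CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digits": string.digits,
    "symbols": string.punctuation,
}


def generate_password(length=16, classes=("lower", "upper", "digits", "symbols"),
                      exclude=""):
    """Random password with at least one character from each chosen class."""
    pools = ["".join(c for c in CLASSES[name] if c not in exclude)
             for name in classes]
    if any(not pool for pool in pools) or length < len(pools):
        raise ValueError("length too short or a class was fully excluded")
    alphabet = "".join(pools)
    # One guaranteed character per class, the rest from the whole alphabet.
    chars = [secrets.choice(pool) for pool in pools]
    chars += [secrets.choice(alphabet) for _ in range(length - len(pools))]
    # Shuffle with the OS CSPRNG so the guaranteed characters are not
    # always in the first positions.
    secrets.SystemRandom().shuffle(chars)
    return "".join(chars)


def generate_passphrase(wordlist, words=4, separator=" "):
    """Pick words independently and uniformly; the words are never chosen by hand."""
    unique = sorted(set(wordlist))
    return separator.join(secrets.choice(unique) for _ in range(words))


def entropy_bits(choices, picks):
    """Estimated entropy of `picks` uniform selections from `choices` options."""
    return picks * math.log2(choices)


# Constructed sample list, far too small for real use; the strength of a
# passphrase depends on the list size, not on how odd the words look.
SAMPLE_WORDS = ["hulk", "touch", "adjourn", "omega", "lantern", "copper",
                "meadow", "violin"]

if __name__ == "__main__":
    print(generate_password(16), round(entropy_bits(94, 16), 1), "bits")
    print(generate_passphrase(SAMPLE_WORDS), entropy_bits(len(SAMPLE_WORDS), 4), "bits")
    print("4 words from a 7776-word list:", round(entropy_bits(7776, 4), 1), "bits")
```
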