What makes a good password?

16 September 2014

Question

What makes a good password that is hard to hack?

Answer

Amelia - With the amount of personal information people put online, keeping our data protected is clearly important. But some of the most common passwords used by people include: 'letmein', '12345', and the very original 'password', which surely are not very secure. So, what is the best way to ensure our security online, whether it's for our Facebook or Twitter account or something more important that is internet banking? We went to Lorrie Faith Cranor, a security researcher at Carnegie Mellon University, Pennsylvania, about her suggestions for a super safe password.

Lorrie - A good password is one that is difficult for other people to guess but easy for you to remember. It should be tough both for people you know as well as for malicious attackers who might make billions of guesses to figure out your password.

Amelia - So, we have to consider attacks from people who know us, as well as malicious hack attempts which can spew out billions of guesses. So, what kind of password simply can't hack it?

Lorrie - To create a good password, pick a word or phrase that you can remember but don't use the lyrics from songs or anything else that's popular and don't use the name of your pet, your phone number, or other information people might know about you.

Amelia - I better start changing my passwords then. So, what's an example of a really tough password to crack?

Lorrie - You might use the first letter of each word in a phrase that you make up then add some extra symbols and numbers or capital letters in the middle. Don't just put them at the beginning or end and don't substitute numbers that look like letters. It's good to have at least 12 characters in total.

Amelia - Wow! That's a lot to remember. So, can we save time by making one super password and then use it for every account?

Lorrie - You should use different passwords for every account. So, some people find it useful to have one secure password that they add a few extra letters to each time. This can help you manage a large number of accounts, but isn't a good idea for your most important accounts. It is much better to write your passwords down in a secure place than to use the same password for multiple accounts. Password managers are also a good way to keep track of your passwords securely so you don't have to remember them all.

Amelia - So, it would seem a combination of numbers, symbols and lowercase and uppercase letters will hopefully guarantee your accounts are for your eyes only. Thanks, Lorrie. Next week, we are trying to solve the answer to this question from Nikki in South Africa, who wanted a couple of tips for her school project.

Nikki - How is self-cleaning glass made?

Amelia - Windows that won't need to be cleaned again, computer screens free of dirt and grime, and no more grubby fingerprints on your smartphone. But how on earth is this possible? What do you think?
