Did You Forget Your Password AGAIN – Time for a Super Password


February 3rd, 2012   |   Author: Chris Sully

For years now, I’ve preached to people about the importance of using strong passwords.  My posts have included tips like: make it complex, make sure it is lengthy and change out common letters for numbers.  I’ve considered these to be golden rules for creating a password, and I stick by the fact that they can help protect you from the “bad guys,” but a recent article on Gizmodo.com has me rethinking a few things.

As the author of “Why That Fancy Password Isn’t Nearly as Safe as You Thought” puts it, that password you created is super complicated (which is good) but “You know who else loves it? Computers!” A strong password is necessary, but are the rules we have lived by really helping us to create a VERY strong password? Also, how difficult have we made it on ourselves to remember that password? Personally, I have to hit the forgot password link on at least one website a week now, simply because I tricked myself, and I am getting really tired of it.

Password Strength from xkcd.com

RETHINKING THE STRONG PASSWORD

The cartoon from xkcd.com (shown above) is really worth far more than a thousand words or even a thousand dollars.  The artist shows a password much like any of the ones I use on a daily basis and quickly dispels the myth that it is difficult for a computer to guess.  Instead, he offers up an alternative solution.

Instead of creating a highly complex word, made up of special characters, numbers and letters, simply pick four random words and smash them together to create a new, hard-to-guess super-password.

I’m honestly a bit dumbfounded that the answer is so simple.  Four random, common words can create a password that would take a computer 550 years to break!

WAIT JUST ONE MINUTE

The theory behind the new super-password is strong, but there is one flaw that I will not be able to get around right away and that will still leave me looking for that forgot password link at least a couple of times a month. Every site seems to require a different set of standards for passwords:

  • Your password must contain at least 1 number
  • Your password must contain at least one capital letter
  • Your password must contain one special character

The new super-password theory just doesn’t account for these rules and, until I can figure out a way to securely store my passwords in a way that no one can ever get to, I’ll still be searching for a better method of password creation. In the meantime, I’m off to pick four random, common words that I can easily remember!
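The arithmetic behind the 550-year figure, together with one way to fit four random words to the site rules listed above, as an added Python example that is not part of the original post or the xkcd comic. It assumes the comic's own numbers, which the post does not spell out (a 2048-word list and 1000 guesses per second); the 16-word list and all function names are constructed for illustration.

```python
import math
import secrets

# Constructed 16-word sample list so the example runs offline. A real list
# should be far larger: the comic's arithmetic assumes about 2048 words.
SAMPLE_WORDS = [
    "anchor", "bridge", "candle", "desert", "engine", "forest", "garden",
    "harbor", "island", "jacket", "kettle", "ladder", "magnet", "napkin",
    "orange", "pencil",
]

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def entropy_bits(list_size, n_words=4):
    """Bits of entropy when each word is drawn uniformly and independently."""
    return n_words * math.log2(list_size)


def years_to_exhaust(bits, guesses_per_sec=1000):
    """Years needed to try every candidate at the given guess rate."""
    return 2 ** bits / guesses_per_sec / SECONDS_PER_YEAR


def make_passphrase(words=SAMPLE_WORDS, n_words=4):
    """Pick the words with the OS CSPRNG; words a person 'picks at random'
    are not uniform, so the entropy estimate would not hold for them."""
    return [secrets.choice(words) for _ in range(n_words)]


def satisfy_site_rules(chosen):
    """Meet the 'capital letter, number, special character' rules.
    The capitalisation and fixed suffix are predictable and add no secrecy;
    all of the strength still comes from the randomly drawn words."""
    return "".join(w.capitalize() for w in chosen) + "1!"


if __name__ == "__main__":
    bits = entropy_bits(2048)
    print(f"4 words from a 2048-word list: {bits:.0f} bits, "
          f"about {years_to_exhaust(bits):.0f} years at 1000 guesses/sec")
    weak = entropy_bits(len(SAMPLE_WORDS))
    print(f"4 words from the 16-word sample list: only {weak:.0f} bits")
    print("Example passphrase:", satisfy_site_rules(make_passphrase()))
```
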



  • http://twitter.com/jamursch Jay Mursch

    Great post Chris! This is one of those “common sense” solutions that I’ve missed all these years.

  • http://www.jumpstartmypc.com/ Chris | JumpstartMyPC.com

    Thanks Jay. I wish I could take credit for the idea, but I’m just happy that I found out about it and I can share it with everyone.
