About Passwords

Passwords can be quite a hassle. Most computer users have many secure accounts all over the web, for forums, chat rooms, email accounts, bank accounts and shopping sites. They might also have several on their own computer, for user areas, administrative tasks, encrypted files, IM accounts, wireless network connections and email clients. Many networks – such as those in workplaces or in schools and universities – require regular password changing as well. It can be extremely difficult to juggle these dozens of secure character strings at once.

It may be tempting, therefore, to pick easy-to-remember words, such as the names of pets or family members, or to use the same password for everything. However, it is extremely important that at least the most sensitive of your password-accessed details are afforded the highest protection possible from your choice of password. While it is reasonable to use the same password for, say, several chat rooms, online communities, or rarely-used email accounts, you should ensure that you choose unique, high-security passwords for the following items:

• - Your primary email account
• - Your online bank accounts
• - The administrative account of your computer, and any accounts which afford access to personal data
• - Your wireless network connection
• - Any websites which store your credit card details
• - Any other site or account which stores important personal details

What Makes a Good Password?

- A good password is unique. You should not use the same password for all your banking activities; if the password is compromised, so will be all of your accounts.

- A good password is not a single dictionary word. Even names and swear words are in the dictionaries that some criminals use to try to crack passwords. If you decide to use an English word in your password, misspell it. You should certainly not use easily-guessable words, such as important names or dates, and you should avoid including any part of the website name or your username in your password as well.

- A good password contains as many different kinds of characters as possible. Include upper-case and lower-case letters, numbers, symbols and punctuation marks wherever possible. The more different kinds of characters your password contains, the more secure it will be.

- A good password is at least eight characters long, and preferably longer.

Creating a Secure, Memorable Password

Creating a secure password is very easy. fs9H#j~\W(* is an excellent password in terms of security. However, remembering just one such password would be extremely difficult, let alone the dozen or so of which you will probably find yourself in need! There are several good ways of creating a password which is both memorable and secure:

- Make up a word. You can do this by selecting a random consonant, a random vowel, a random consonant etc. This will usually produce something that sounds silly and therefore quite memorable, such as "dapolebudi". You can then increase the security of your password by performing some substitutions: swap O for 0, e for 3, a for @ and so on. Also add in some capital letters. Example: d@p013bUDi

- Choose two or three short words of which you can make a strong visual image in your head – something funny will be easier to remember. For example, the words "lemon" and "goat" could be called to mind by picturing a goat wincing from eating a lemon. Stick all these words together with symbols or numbers in between, misspell them, and substitute numbers or symbols in place of letters where possible, as well as adding capital letters. Example: l3m@N~&gOwt

- Make a mnemonic: choose a sentence or phrase you can easily remember, such as a lyric from a song, and use the first letter of each word of the sentence or phrase as your password. For example, the line "Silent night, holy night, all is calm, all is bright" would become "snhnaicaib". You can then add in any punctuation, symbols and substitutions. Example: 5n,hN.@iC-4iB

- The mnemonic method is very useful if you have to change your password frequently – choose a song, and then use the next line to create your mnemonic each time you pick a new password.

- You could use an entire phrase as a password. Remember that the longer your password is, the harder it is to remember. Long phrases, even without substitutions, are much more secure than they look, because guessing all the parts of them would be extremely difficult – and yet they are often easier to remember and type than more fiddly, shorter passwords. If you are worried about someone guessing your password from watching you type it, or if you are concerned about making typing errors, you might well want to choose a password that you can type quickly. Example: jollyberry#9@christmas-pie.org

- To further increase the security of any password, try typing it one key on the QWERTY keyboard to the right of the character you have in mind. Example: "ILikeJam" becomes "O:olrKs,".

- Bear in mind that a dictionary word with some substitutions or characters added on the end does not constitute a good password. (For example, "h3l3na?!" is not a good password.) This is because those who try to crack passwords often have software which can "read" common substitutions such as 3 for e, @ for a and so on. If you must use a dictionary word, make sure that you misspell it, split it up with extra characters in the middle, and perhaps think of some unusual substitutions, such as |= for F.

However you design your password, try to associate that password in your mind with the login page that requires it. Don't do this directly (say, by using the colour of the page in your password), but try to make a mental connection between your password and the page. If you are using the mnemonic method, the phrase you choose could easily be related to the account to which you will be logging in; for example, a bank account password could be based on the phrase "The bank in Harry Potter is called Gringotts" ("tB#1HP;(ic)G").

Protecting Your Password

Having designed your secure passwords, you should be careful to keep them safe. There are a few things to bear in mind with regard to the safety of your passwords.

- It bears repeating that you should not use the same password for everything.

- Contrary to popular belief, it is quite all right to write your passwords down, as long as they are kept in an extremely safe place and are not accessible by others. If you have a filing cabinet that you can lock, that would be a good place to keep your passwords. Do not keep your passwords anywhere that you would not happily keep the data they are protecting. If you use mnemonics to create your passwords, you could always write down the original phrases, rather than the passwords themselves, to help you to remember them.

- You can use a password manager to store your passwords. There are many free and paid password manager programs available which store your passwords for you. One password is required to log into the account – which will of course need to be extremely secure! You should choose a password manager which does not need to be installed, but which can simply be run from the desktop.

- Never send your password in an email. Any email which asks for your password, even if it appears to be from an official source, is probably a fake. If you are in any doubt about the authenticity of an email, and especially if it asks for personal details, you should visit the website of the company in question and contact them directly via their support page or support email address.

- Do not enter your password on a computer or network over which you do not have control. In internet cafes and other such places, it is possible for criminals to install keystroke-recording software which will log everything you type.

- Do not share your password unnecessarily. Generally speaking, you should keep all your passwords to yourself – do not tell family members, especially children. Exceptions would of course include such things as shared bank accounts.

By Helena Henderson

For more information on domain names and domain name registration questions please feel free to contact Domainmonster.com support team who will be happy to assist you.