Passwords provide the first line of defence against unauthorised access to your computer – but just how secure is your password?  A recent discussion in our office caused us to review the security of our passwords and whether or not it's OK to use the same password across multiple programs.  It has become easier for computer hackers to guess your passwords, so it seems that a secure one is usually very hard to remember.  Below are some tricks for creating a memorable, secure password.

A good password

  • Has 12 characters, minimum
  • Includes numbers, symbols, capital letters and lower-case letters

What not to include in your password

  • Don't use your loved ones' names, a common phrase, numbers in a sequence or words relating to the site that you use the password for
  • Don't use a dictionary word or combination of dictionary words – any combination of a few words, especially if they're obvious, is also bad.  For example, "house" is a terrible password.  "Red house" is also very bad
  • Don't always rely on obvious substitutions – for example "H0use" isn't strong just because you've replaced an o with a zero.  Hackers run the dictionaries with various capitalisations and common substitutions such as "$" for "s" and "@" for "a".  This guessing strategy quickly breaks about two-thirds of all passwords
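
The rules above can be checked automatically before a password is accepted. The following is an added example, not part of the original article: the wordlist is a tiny constructed sample, the function names are hypothetical, and the substitution table extends the three swaps named above with a few other common ones.

```python
import re

# Constructed sample wordlist; a real check would load a large dictionary file.
WORDLIST = {"house", "red", "password", "cat", "dog", "sunshine"}

# Swaps named in the text ("0" for "o", "$" for "s", "@" for "a") plus a few
# other common ones (assumption; one letter per symbol is a simplification).
SUBSTITUTIONS = str.maketrans(
    {"0": "o", "$": "s", "@": "a", "1": "l", "3": "e", "5": "s", "!": "i"})

def normalise(password):
    """Lower-case, undo common substitutions, then keep letters only."""
    undone = password.lower().translate(SUBSTITUTIONS)
    return re.sub(r"[^a-z]", "", undone)

def is_word_combination(text, words=WORDLIST):
    """True if text splits completely into one or more dictionary words."""
    if not text:
        return False
    reachable = [True] + [False] * len(text)  # reachable[i]: text[:i] is all words
    for end in range(1, len(text) + 1):
        reachable[end] = any(
            reachable[start] and text[start:end] in words
            for start in range(end)
        )
    return reachable[len(text)]

def check_password(password):
    """Return the list of rules the password breaks (empty list = passes)."""
    problems = []
    if len(password) < 12:
        problems.append("shorter than 12 characters")
    classes = {
        "a lower-case letter": r"[a-z]",
        "a capital letter": r"[A-Z]",
        "a number": r"[0-9]",
        "a symbol": r"[^A-Za-z0-9]",
    }
    for name, pattern in classes.items():
        if not re.search(pattern, password):
            problems.append("missing " + name)
    if is_word_combination(normalise(password)):
        problems.append("dictionary word(s) behind capitalisation or substitutions")
    return problems
```

With this sample wordlist, "R3dH0u$eR3dH0u$e" meets the length and character rules but is still flagged, because it reduces to "red house red house" once the substitutions are undone.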

Tricks for creating memorable passwords

Unusual capitalisation

  • e.g.  wherESwaLLy

Two words interconnected

  • such as cat & dog, kitten & dog e.g.  cdaotg, kitdogten

The first letter of each word of a line of a song or book

  • e.g.  "I left my heart to the sappers 'round Khe Sanh" would be "IlmhttsrKS"

A sentence or an event in your life

  • e.g.  the first house I ever lived in was "613 Fake Street and rent was $400 per month".  You can then turn that into a password by using the first characters of each word, so your password would become "613FS&rw$4pm".  You just need a simple sentence, so it's easy to remember.

The last, most important steps for a secure password

Never reuse the same password

  • It's not all about password strength.  If you reuse the password at multiple locations, it may be leaked or hacked and people may use that password to access your other accounts

Test the strength of your password on How Secure Is My Password?  The site will even tell you how long the average PC would take to crack it.

Don't allow your password to be 'saved' by your browsers

If you use Firefox, you can check what information is available to anyone who accesses your computer:
  • Go to tools > options > security > saved passwords
  • Click the show passwords button

Voila – a list of passwords is available to whoever has control of your computer – no password needed!  Select the "use a master password" option to create a password to access all your saved passwords. 

To keep your information secure, it's a good idea to consider using a password tool such as LastPass or 1Password, which are designed to help users create and manage unique, secure passwords.