What Was That Password?

Passwords are to be found in many different places for many different reasons. One of the most common uses for a password is to confirm the identity of a user logging on to a network, so that he or she can only gain access to data or resources that they are permitted to. The whole point of passwords is that only you, the person who made it, will know what it is, and no one else will be able to find out or work out what you have used. Not only do you have to think of something which is both easy to remember and hard to guess, but you also have to do it all over again, preferably once a month.

One of the biggest mistakes you can possibly make when coming up with a password is to use the name of someone you know. If someone is going to try to guess your password, their going to try that first, and it won't take them long using trial and error (fortunately most systems will only allow a certain number of incorrect attempts before locking the person out, but not always). Another, probably even worse thing to use is the name of your favourite football club or film, etc. Anyone who knows you will be able to work these out in no time. And if you think none of your friends would want to use your password anyway, they might not have much choice if they're being held at gunpoint (or they might just be in a sticky situation and could need to access your files for some personal reason).

So how do you make a good password that you will be able to remember, but others won't be able to guess? Well it's easier than you might think. By using some simple guidelines and rules, you can easily think up really excellent passwords in no time. Here's how you do it:

Think of a word that you should be able to remember quite easily, but preferably not a name or football club, etc. Make sure it's all UPPER CASE or lower case to play it safe.
Now split the word up into two or three sections (the word's syllables are a good way to do this).
In between each section use a symbol (not a number or a letter) to join the sections together. >, -, +, %, *, ^ are all good examples.
Now, see if there are any letters that can be replaced with numbers or symbols without becoming obscure. 1 instead of I or 0 instead of O for example.
And voila! There's your password. It should still be easy to remember, as it resembles a real word that you're familiar with, but it will also be different enough not to be guessed.

Here's an example:

I'll take the word amithyst as the basis.
I can split that up into ami and thyst.
Now I'll use ^ to link them together, because this symbol looks a bit like an A for Amithyst. So now I've got ami^thyst.
Then I can replace the i with 1 and the s with 5, giving me am1^thy5t. Now no one is going to type that in as a guess, but it's still quite easy to remember. If you forget how you changed it, but can remember the original word, you could always start again with the original word, and work through what can be changed again to jog your memory.

Sometimes you will be asked, when creating a password, to enter something that can be shown as a reminder, if you forget what your password is. It is not a good idea to use the original word, as potential intruders have a good chance of working through the possibilities to find the one you chose. What you could use is another word that you relate to the original word, but which also has other possibilities. An example for our am1^thy5t password could be Electronic pages. This would imply magazine (pages) and web site (electronic) to you, but would most likely send other people off try things related to Yellow Pages or something to do with BT and the Internet. You might think that spelling the word out by using each letter as the first letter in a sentence (amithyst could become a monster is too hairy you silly twit for example) is a good way to help you remember. But it will usually be blindingly obvious to anyone else as well.

If you're able to do so you should always be sure to change your passwords regularly. Once every couple of months is usually best, depending on what the password is protecting and how many people can actually gain access to simply attempt it. If the password is protecting a file on a computer that's not connected to any others in any way, which is in your house, there aren't going to be many people who can even get to the computer. Whereas, if the computer is in a busy office then there are likely to be many more people who can get to the computer. So the one in the house would only need changing as little as twice a year, quite possibly. And the one used in the office would probably need changing at least once a month.

ŤŤŤ Contents ťťť