Last week Twitter discovered a breach in their system that could have allowed someone to download the passwords of every user of their platform. They sent out a message recommending that everyone change their passwords as a just-in-case measure, while indicating that they didn’t think anyone else had discovered the issue.
There was a lot of grumbling about it; not about the breach itself but about the need to create new passwords. I understand it; I hate changing passwords all the time myself. However, I don’t think my issue is the same as the issue of many others.
Most of the complaints I saw online were about having to find a way to remember the new password because too many people use the same exact password for almost all the sites they visit. That’s almost as lazy as creating easy to break passwords, but once again I can identify with it… sort of.
In the early days of being online, we didn’t have all that many people breaking into systems to steal passwords. Thus, I always used the same username and password for all the sites I joined. This was in the days before we did things like online banking and social media outside of blogging; the late 90’s felt like kindergarten compared to what we have now.
What we have now are people with both technology and grit who are trying to break into sites where we’ve stored passwords to help things move along faster. How many times do we have to read where people’s Twitter accounts, blogs, iPhone storage accounts or other social media sites have been hacked before people start taking security seriously? Making it easy for your information to be discovered is lunacy.
I’m here to help… as always! 🙂 I’m going to offer some suggestions for creating “harder” to break passwords that should end up being easier for you to remember and will afford you a bit more comfort on the back end.
Before I go that route, I want to remind anyone using a WordPress blog or website that you can protect your site better by using a plugin called Limit Login Attempts Reloaded. It used to have the same name, only without “Reloaded”, but that version wasn’t updated and this one is. Working the settings is exactly the same, and I hope you think about my recommendations from this post written just last year.
For everything else, we’re shooting for passwords that are at least 14 characters; most of mine are 16 or more. Let’s get started!
1. If you have at least 3 favorite TV shows or movies, you’ll probably know of relatively long names in some of those shows that aren’t necessarily obvious. It doesn’t even have to be a favorite; just something that sticks out for you.
For instance, even though I wasn’t overly crazy about this movie, Dark Crystal gave us the word “gelfling”. It’s uncommon and not a word anyone would guess outright (unless it’s your favorite movie and you’ve told everyone about it) so it’s a good first step. Capitalize a couple of those letters to make it harder to crack.
2. I hear you now; “hey, that’s only 8 characters”. True, but we’re not done yet. If Dark Crystal was your movie, you can add a number code to it that should also be easy. Take the word “dark” for example. The number equivalent for that word is 4-1-18-11. If you added that to either the beginning, middle or end of gelfling you’d have a 14-character password that you’d probably remember.
3. You can also make it a bit harder by looking at a longer word like “crystal” and leaving out the vowel. This makes the numbers 3-18-25-19-20-12. Adding that to gelfling makes it a 19-character password; it’s harder to remember than the first one but all you’d have to remember to remind yourself of what it is would be the word “crystal”. If you needed to add the “1” to the mix that’s fine also; an extra character never hurts.
4. A lot of people like adding symbols to their passwords. Things like @, $, and ? work nicely, but some sites don’t accept symbols. The other problem with this is that most people use them in places where they make too much sense to use them, such as @ instead of “a” and $ instead of “s”. Not only should you break that up, but putting multiple characters in a password is smart to do if you can remember where you’ve put them.
5. While thinking about favorite shows, why not put together the names of your favorite characters from different shows or movies? For instance, one of my favorite movies of all time (actually, it’s ranked #1 for me lol) is Independence Day, and I love Will Smith’s character, whose name is Steven Hiller. Another favorite movie of mine is the Muppet Movie (go ahead and laugh!), and my favorite Muppet of all time is Kermit the Frog.
If I wanted to, I could go with something like “HillerKermitFrog” as a password and add a couple of numbers or symbols to it. It’s something I’d easily remember because I’d easily remember what I based my password off (this isn’t my password so don’t try lol). For instance, I could add the numbers 96 and 79 to it, which are the years both movies came out. That’s a pretty strong 20-character password that would take someone a lot of time to crack, especially if I threw in a symbol or two.
6. Think about using a favorite phrase or saying. I don’t know anyone who doesn’t have a favorite or memorable quote or line from a movie, book or song. If you remove the spaces, that would be a fairly tough password to crack. That’s because people may know phrases, but the software created to crack passwords doesn’t know phrases. Even if it does, changing up something here and there by adding capital letters will stall the process.
For instance, one of my favorite phrases is from a Bugs Bunny cartoon: “I ain’t never done nothin’ to no one who ain’t done nothin’ to me first.” Yeah, it’s silly and stated incorrectly, but it would make a great, long password. Imagine doing something like this: IaintneverdoneNothintonoonewhoaintdoneNothintomefirst. That’s 52 letters; what program is going to crack that one quickly… if ever? That and there are only 3 capital letters in it; from my perspective this would be easy to remember.
It doesn’t have to be a quote as long as this one; it just has to be memorable to you. What about ItwasthebestoftimesItwastheworstoftimes? This one’s 39 letters, and one of the most famous quotes in history (whether or not you read the book). If your quote is from a book less well known, a movie that’s stuck in your mind, a song lyric… it’s a better password than “password” any day of the week! 🙂
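The letter-to-number trick from steps 2 and 3, plus a check against the 14-character target and the predictable @/$ swaps from step 4, can be worked through in a short script. This is an added example, not something from the original post; the function names, the “GelfLing” capitalization and the sample word list are constructed for illustration.

```python
import string

VOWELS = set("aeiou")
MIN_LENGTH = 14                                      # target length stated in the post
OBVIOUS_SWAPS = str.maketrans({"@": "a", "$": "s"})  # swaps step 4 calls too predictable

def letter_numbers(word, drop_vowels=False):
    """Encode a word as alphabet positions (a=1 ... z=26), as in steps 2 and 3."""
    letters = [c for c in word.lower() if c in string.ascii_lowercase]
    if drop_vowels:
        letters = [c for c in letters if c not in VOWELS]
    return "".join(str(ord(c) - ord("a") + 1) for c in letters)

def build(base, hint, where="end", drop_vowels=False):
    """Attach the number code for `hint` to `base` at the beginning, middle or end."""
    code = letter_numbers(hint, drop_vowels)
    if where == "beginning":
        return code + base
    if where == "middle":
        half = len(base) // 2
        return base[:half] + code + base[half:]
    if where == "end":
        return base + code
    raise ValueError("where must be 'beginning', 'middle' or 'end'")

def audit(password, known_words=()):
    """Check a candidate against the post's advice; known_words is supplied by the caller."""
    undone = password.translate(OBVIOUS_SWAPS).lower()
    return {
        "length": len(password),
        "meets_target": len(password) >= MIN_LENGTH,
        "capitals": sum(c.isupper() for c in password),
        "has_symbol": any(c in string.punctuation for c in password),
        # True when undoing @->a and $->s exposes a word from known_words (step 4)
        "obvious_swap": undone != password.lower()
                        and any(w in undone for w in known_words),
    }

if __name__ == "__main__":
    sample_words = ["gelfling", "password"]            # constructed sample list
    for candidate in (
        build("GelfLing", "dark"),                     # step 2: 8 + 6 characters
        build("GelfLing", "crystal", "middle", True),  # step 3: 8 + 11 characters
        "P@$$word",                                    # step 4's predictable pattern
    ):
        print(candidate, audit(candidate, sample_words))
```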
Those are just a few ideas to show how simple it actually is to create tough passwords to help protect yourself across the internet. You might think about musical artists instead of movies, athletes instead of actors. Just don’t make it so obvious that your friends could figure it out; that negates the entire process. 🙂