How to choose your password? Here's how to create the perfect one.
16 October 2014
Are you one of those people who still use their first name or address for all their passwords? We shouldn't have to tell you, but there's nothing easier for a hacker than accessing your Netflix content or your bank account with such a simple password.
At the office, it's even worse: between the password to access your domain, your computer, your mailbox, and the different software, you don't know where to turn. You're falling into the bad habit of using the same password everywhere, and you know it's wrong, but you don't know how to go about it.
Here are some very useful tips for creating (and especially not forgetting) your passwords, in order to better protect your personal information online:
1. Avoid the obvious (like this advice)
Believe it or not, passwords like "123456" and "password" are still the most used. Don't. Do. It. Hackers can simply run a dictionary attack: programs that try dictionary words and number combinations until one of them opens your account.
2. Create codes from sentences
As online security expert (and HuffPost US blogger) Robert Siciliano recently explained, a good way to choose a password you won't forget is to convert a sentence about yourself into an acronym. For example, you could turn a sentence like "At university, my roommate came from a station in Haute-Savoie" into "AlumcvdusdHS" (the acronym takes the first letters of the sentence as written in the original French article).
3. Mix letters and numbers
Sites will often tell you to use a combination of numbers, letters, and symbols, but that changes nothing if you still use words and number sequences, as in "password1234!". Instead, transform letters into numbers, or add numbers in the middle of an acronym password. To make the example in point number 2 even better, we therefore go from "AlumcvdusdHS" to "Alu14444mcvdusdHS".
4. Use 12 characters or more
All passwords are hackable, but longer ones are a little less so. Admittedly, there are 645 trillion possible combinations for an 8-character password. But this number grows exponentially each time you add a character. According to researchers at Georgia Tech, it would take 17.1134 years to crack a 12-character password.
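The points above about dictionary words, tacked-on numbers and length can be checked mechanically before a password is accepted. The following Python code is an added example, not part of the original article: the word list is a small constructed sample, the function names are hypothetical, and the 71-symbol alphabet is an assumption chosen because it reproduces the article's figure of 645 trillion combinations for 8 characters.

```python
import re

# Constructed sample of common passwords; a real check would load a large
# list of breached or commonly used passwords instead.
COMMON_WORDS = {"password", "123456", "qwerty", "letmein", "welcome", "admin"}

# Digit/symbol-for-letter swaps that dictionary tools undo automatically.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})


def dictionary_core(password):
    """Return the common word the password is built on, or None."""
    lowered = password.lower()
    # Drop leading/trailing digits and symbols: "password1234!" -> "password"
    stripped = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", lowered)
    candidates = (lowered, stripped,
                  lowered.translate(LEET), stripped.translate(LEET))
    for candidate in candidates:
        if candidate in COMMON_WORDS:
            return candidate
    return None


def keyspace(length, alphabet_size=71):
    """Number of possible passwords of this length (assumed 71 symbols)."""
    return alphabet_size ** length


def assess(password, min_length=12):
    """Return the reasons a password is weak; an empty list means it passes."""
    problems = []
    core = dictionary_core(password)
    if core:
        problems.append(f"built on common word '{core}'")
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    return problems


if __name__ == "__main__":
    for pw in ("123456", "password1234!", "P@ssw0rd", "Alu14444mcvdusdHS"):
        print(f"{pw!r}: {assess(pw) or 'ok'}")
    print("8 characters :", f"{keyspace(8):,}", "combinations")
    print("12 vs 8 chars:", f"{keyspace(12) // keyspace(8):,}", "times more")
```

Note that "password1234!" is 13 characters long and mixes letters, digits and a symbol, yet it is still rejected because the common word underneath survives the stripping step.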
5. Do not reuse or recycle
If you have the same password for all your logins, a single breach can compromise every account you have. Be sure to change your passwords regularly, and avoid going back to previous passwords or alternating between a few of them.
6. Personalize according to the site
If you really want to reuse the same password, add at least a few more symbols that correspond to each site. This will make your accounts safer if one of them is compromised. To use our example, why not add "FBK" to the password to log in to Facebook: "FBK.Alu14444mcvdusdHS".
7. Stay disconnected
While it's very convenient to have your browser, smartphone, or computer remember your passwords, it's the easiest way for someone to quickly access your accounts and data if your device is stolen or compromised. Simply uncheck the "remember me" option and take the few seconds needed to type your password.
8. Add two-step verification
Two-step verification protects even the most complex passwords from hacking. It requires you to enter a code sent to you by phone or email to log in. This security feature works with Google/Gmail, Apple, Facebook, Twitter, Dropbox, LinkedIn, Amazon, and many others.
9. Make a backup
Your passwords should be easily memorable, but everyone forgets sometimes. Robert Siciliano advises keeping an Excel document in Google Drive or Dropbox, accessible online, and also protected by two-step verification. He also suggests a physical copy in case of emergency. Obviously, this paper will need to be updated every time you make a change.
10. Use a password manager
The easiest way to remember and feel secure about your passwords on different sites is to use a password management tool. Don't be afraid of the cloud: these services are well encrypted, you can easily log out of them, and you manage all your passwords with a single master password.
Our colleagues at the American Huffington Post tested three of the best tools of this kind, and LastPass seems to be the best option.
Huffingtonpost.fr/
Published September 26, 2014.
Posted October 16, 2014.
