Tech for the Timid



Wednesday, August 03, 2005

Safe Password Tools

Too many people have bad passwords that can be guessed in a matter of minutes by a password cracker, and such crackers are freely available on the Internet, such as here. You don't want to read another article about strong password best practices, so I'm going to make this easy and give you some cool tools for making strong passwords yourself.

Password Tips

As I mentioned, I won't bore you with the details on how to create better passwords. You can read about that elsewhere on the web, such as here, here and here. If all of the advice could be summed up in one sentence, it would be "A good password is one that cannot be easily guessed."

The Password Strength Meter

This is the fun part. Most people I know absolutely hate figuring out a strong password, which is why they usually pick a weak password. Consider this: "rover" is a very weak password while "!3%y3^&S(r&34m!" is a strong password. Password cracking programs can guess "rover" in a couple of seconds. But how do you know when your password is strong?

SecurityStats.com has a tool that lets you type in a password and tells you how strong or weak it is. Try the examples I gave above here on SecurityStats. Don't worry, they won't store your password, but it is always a good idea not to send them your real password; just use one that is similar.

Strong Password Generators

But how do you come up with a strong password yourself? And what if you have multiple passwords for many sites, such as your credit cards, banks, leisure and travel sites, utilities, etc? There is a way to generate a strong password using a single master password and a secondary word, such as the site name. So for instance you could use "Stella500" as your master password, and for each of your sites (such as banks) you could use the bank name. Go to Angel.net and type in "Stella500" as the master password and "royalbank" as the site name. Click on Generate and the password it produces is "96e6c398" which is a medium-strong password.

Another site is a French one that has 2 password generators. One gives you a password up to 8 characters only, and the second is more secure and gives you a longer password.

Using a master password of "Stella500" and a site name (also known as a parameter) of "royalbank", go to their Regular Password Generator and punch in those values. The result is "GgXSwMY0", which is a strong password, stronger than the one from the Angel.net generator. If you run those words through their Long Version Password Generator, you get "GgXSwMY0gIIrte+Dh526pG2gfP0", which is the strongest and most difficult to guess of all of them.

Using these systems, you won't have to remember or type in that long password. Just remember your master password and site names, then go to the generator page and generate the password when you need it. I don't recommend letting Internet Explorer remember your passwords for you, since your computer can be stolen and the thief would have access to everything.
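An added example, not the code behind Angel.net or the French site (the page does not say how either one works): one way to derive a repeatable per-site password from a master password and a site name, using PBKDF2-HMAC-SHA256 from Python's standard library. The function names, the iteration count, and the alphabet sizes used in the keyspace comparison are assumptions made for this illustration.

```python
import base64
import hashlib
import math

# Assumed work factor for this example: more iterations make each guess
# at the master password slower for someone who knows the scheme.
ITERATIONS = 200_000


def site_password(master: str, site: str, length: int = 16) -> str:
    """Derive the same password every time from (master, site)."""
    # Normalise the site name so "RoyalBank " and "royalbank" agree.
    site = site.strip().lower()
    if not master or not site:
        raise ValueError("master password and site name are both required")
    raw = hashlib.pbkdf2_hmac("sha256", master.encode("utf-8"),
                              site.encode("utf-8"), ITERATIONS, dklen=32)
    # 32 bytes -> 43 base64 characters once the "=" padding is removed.
    text = base64.b64encode(raw).decode("ascii").rstrip("=")
    if not 1 <= length <= len(text):
        raise ValueError(f"length must be between 1 and {len(text)}")
    return text[:length]


def keyspace_bits(length: int, alphabet_size: int) -> float:
    """Upper bound on guessing work for a random string of this shape."""
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    # Master password and site name are the ones used in the article.
    print(site_password("Stella500", "royalbank"))
    print(site_password("Stella500", "royalbank", length=27))
    # Assumed alphabets: 16 symbols for an 8-character hex-style result,
    # 64 for the base64-style results of 8 and 27 characters.
    for n, size in ((8, 16), (8, 64), (27, 64)):
        print(n, size, keyspace_bits(n, size), "bits")
    # The real limit is the master password: anyone who guesses it can
    # regenerate every site password, so it must itself be hard to guess.
```

The keyspace figures are upper bounds for the output string only; a generated password is never harder to guess than the master password it was derived from.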

Where to Store Passwords?

Right about now you're probably thinking how much work it would be to go to one of those sites and generate a password every time you wanted to log into your bank account. You don't have to do that; there is an easier way. You can store all the passwords in a secure database on your computer, and print them out if you like and file them away in a safe place. What kind of secure database?

There are programs that you can get free that will act as an electronic file cabinet to store your sensitive usernames and password information. They require one master password which allows you to get in. Without this master password, even if someone steals your computer they will not have access to your accounts.

The one that I would recommend is Password Safe, which is an open source project and available at no cost. Another one, which has been recommended to me although I haven't used it, is Oubliette.

Just remember that a strong password is the only thing between thieves and your money and personal data! Keep all of your data safe by using strong passwords.
