According to a study of Internet users conducted last year, the most popular password choice for online accounts is the word "password." And as the recent hacks of LinkedIn and eHarmony prove, that can lead to serious security problems.
So what makes a password effective? On the surface, it seems like adding lots of random numbers and symbols to your password will make it harder to crack, but as this (geeky, mathematically advanced) comic from xkcd suggests, that might not always be the case:
The Atlantic Wire sat down with hacking expert Alex Horan (he works "for good, not evil" according to the PR liaison for his company CORE Security) to ask for some tips on coming up with more secure passwords for banking, social media, email and all the other electronic interfaces that require them.
Here are a few ideas.
Save your brain: focus on important accounts
If you have multiple bank accounts, each one should have a unique, hard-to-guess password. So should your email, since that's where hackers could go to reset all your other passwords. But for less important stuff, you can use a "dumb password" - basically a nonsense phrase, all lowercase, that you'll be able to remember pretty easily.
PassWORD? How about passPHRASE?
No matter how obscure the word you choose, a single-word password can probably be guessed. But a whole phrase? That's harder. Horan suggests the first line of your favourite book, for instance. You'll remember it, but the chances of someone cracking it are slim, especially if it's long. Check out how much harder it is to crack a 14-letter password than a 10-letter one:
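As an added example (not part of the original article), the following Python code works out the brute-force search space behind the 10-letter versus 14-letter comparison. The guess rate and the two sample passwords are assumptions chosen for illustration.

```python
import string

# Assumption: offline guesses per second, chosen only for illustration.
ASSUMED_GUESSES_PER_SECOND = 10_000_000_000

# Character pools an exhaustive search would have to cover.
POOLS = (string.ascii_lowercase, string.ascii_uppercase,
         string.digits, string.punctuation + " ")


def alphabet_size(password):
    """Size of the smallest set of pools that contains every character."""
    size = sum(len(p) for p in POOLS if any(c in p for c in password))
    # Characters outside the pools are counted once each (a lower bound).
    return size + len({c for c in password if not any(c in p for p in POOLS)})


def search_space(password):
    """Candidates of this length over this alphabet (exact integer)."""
    return alphabet_size(password) ** len(password)


def worst_case_seconds(password, rate=ASSUMED_GUESSES_PER_SECOND):
    """Time to try every candidate at the assumed guess rate."""
    return search_space(password) / rate


def humanize(seconds):
    """Render a duration in the largest unit that fits."""
    for unit, span in (("years", 31_557_600), ("days", 86_400),
                       ("hours", 3_600), ("minutes", 60)):
        if seconds >= span:
            return f"{seconds / span:,.1f} {unit}"
    return f"{seconds:,.1f} seconds"


def growth(shorter, longer):
    """How many times larger the longer password's search space is."""
    return search_space(longer) // search_space(shorter)


if __name__ == "__main__":
    ten, fourteen = "abcdefghij", "abcdefghijklmn"  # constructed samples
    for pw in (ten, fourteen):
        print(len(pw), "letters:", humanize(worst_case_seconds(pw)))
    print("growth factor:", growth(ten, fourteen))
```

These figures describe exhaustive search only; a password that appears in a wordlist or a leaked dump is found far sooner than its length suggests.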
Switch up your login name
Most people only have one main personal email account, and that's probably the one associated with all your accounts online. Horan says this is a mistake. He suggests creating new email addresses for each of your social media accounts. So for LinkedIn, he created email@example.com. Once hackers have cracked your password, they'll likely search for the same username/password combo elsewhere. This way, they won't find it.
Be personal and specific with your password
If you use the name of a loved one, their birthdate, or the place where you live as a password, hackers stand a pretty good chance of figuring it out. So pick something more personal: blogger John Pozadzides suggests "a place you love, or a specific car, an attraction from a vacation, or a favourite restaurant."
Keep all those passwords straight with an encrypted storage space
If you take Horan's advice, you'll end up with as many (long, hard-to-crack) passwords as you have electronic accounts. Keeping them all safe is tough, especially since you should never write them down. Luckily there are various services online that will store all your passwords behind a heavily encrypted wall, so you can access them when you need them. Check out 1Password or LastPass if you're interested.