How to Create the Best Passwords:
Prevent Password Theft and Loss with These 11
PasswordCreation & Organization Tips
by www.SixWise.com

It used to be that if you could remember your phone number and address, you'd pretty much be OK. Not so today. On top of an address and phone number (one for work, home and cell), most of us are inundated with complex online passwords necessary for everything from e-mail to paying bills to reading the news.

In fact, the majority of Internet users (62 percent) have up to 10 online accounts that are password-protected, and some of us (23) percent have 20 or more, according to a survey by UK-based anti-virus firm Kaspersky Lab.

Do You Use the Same Password for Everything?

Maybe you have been tempted to simplify things and just use the same password for everything. It's understandable, after all, because who can remember that many unique passwords?

According to the Kaspersky Lab survey, about 51 percent of people use this technique and choose between one and four passwords to access all of their accounts.

However, not diversifying your passwords puts you at major risk of identity theft. If criminals find out your password, they can easily access your bank accounts, your credit card information -- even apply for a mortgage in your name.

And according to the Carnegie Mellon University's Computer Emergency Response Team/Coordination Center, up to 80 percent of problems with computer security are the result of bad passwords.

How Does Password Theft Happen?

There are several ways that hackers can gain access to your passwords, including:

• Guessing them: Many passwords, such as sequences (1234), login names, your birthday, name or social security number, child's name, pet's name, etc., are easy to guess (particularly if you've shared this information with someone in an online chat room). Criminals also use sophisticated software programs that can guess thousands of potential passwords in just a few minutes.

• Phishing scams: A phony e-mail or pop-up message that tricks you into divulging personal information, including your passwords.

• Online storage: Thieves can sometimes find passwords stored online, which is why you should avoid using online storage.

• Keystroke logging devices: Criminals can easily attach a keystroke logging device to a public computer (in a library, Internet café, computer lab, etc.) that will allow them to see everything you've typed, including your passwords.

Creating and Protecting a Strong Password

Because a password is often all that stands between your personal information and a potential thief, it is imperative that you choose a good one. Here are 11 tips to create secure passwords (and how to remember them):

1. Make it at least eight characters long. Anything shorter can be hacked in a matter of minutes to less than two days. The best passwords, according to Microsoft, are those that are 14 characters or more (they say a 15-character password is 33,000 times more secure than an eight-character one).

2. Use numbers, letters and symbols. A combination of things (hoi*&l390) is exponentially more secure than a password with just letters (if the program won't allow symbols in the password, at least use letters and numbers).

3. Use a phrase. If the program allows it, use an entire phrase rather than just one word (such as "My uncle lives in Toledo, Ohio.").

4. Convert a phrase to a password. Microsoft recommends thinking of a sentence, then using the first character of each word to make the password (so for the phrase "My uncle lives in Toledo, Ohio," the password would be mulito), then adding in even more complexity with numbers and symbols (such as $muLitO96).

5. Add uppercase and lowercase letters. Making some letters in your password uppercase and others lowercase (mUlitO) will make the password much harder to break.

6. Avoid using words or phrases that people know about you. The easiest passwords to hack are those that include personal information, such as your name, family's names, birthdates, address, license plate, etc. In fact, just about any word in a dictionary is vulnerable to criminals who use password-guessing tools.

7. Don't use sequences or repeats. Passwords such as "56789" or "rrrrrr" are very easy for criminals to guess.

8. Change your password regularly. While longer passwords (14 characters) that use symbols and other variations only need to be changed once every few years, shorter ones should be changed weekly, according to Microsoft.

9. Don't give out your passwords. Keep them private, even from friends, coworkers and children, and never reveal your password in an e-mail or Web page an e-mail directs you to.

10. Don't type your passwords on public computers. This leaves them vulnerable to keystroke logging devices.

11. If you can't memorize them, write your passwords down in a safe place. If you must write down a password to remember it, do! It's much safer to use a complex password that you must write down than to use a simple one that you remember. A relatively safe place to keep your passwords is on a piece of paper (not on your computer or other online storage place) that you keep in a secure spot (not your wallet or purse).

Alternatively, if you'd rather not keep your passwords on paper, there are software programs such as RoboForm that will create (with anywhere from one to over 500 characters), memorize and encrypt passwords for you, then automatically log you in online.

Recommended Reading

Don't Get Caught by Phishing Scams on the Internet!

The Dark Side of Social Online Sites Like MySpace to Beware Of: Threats to Privacy & Self

Sources

Microsoft.com

ITPro

SunJournal.com