Keeping track of passwords can be a nightmare. We explain how to stay safe while keeping it simple
Passwords have been used for thousands of years, from the simple watchwords used by Roman gatekeepers to differentiate friend from foe to the ‘flash/thunder’ challenge and response employed by Allied paratroopers during the Normandy landings.
Today just about every website that offers a personal account requires you to log in using a password. This is fine if you only use one or two websites, but if you use dozens of websites that require a password it can be tempting to use a single password for them all.
In this article, we’ll show you how to create and track strong, unique passwords for each of your accounts online while keeping them simple to remember.
Choose carefully Website owners generally spend a lot of time and money on good security, so if an intruder wants to gain access to an online bank or email account, they are going to have to do so by knowing or guessing the account password. This makes it worth thinking carefully about how to choose a password that’s not easy to guess.
For instance, it’s not a good idea to use a word found in the dictionary; this immediately opens up the possibility of a ‘brute force’ or ‘dictionary’ attack, in which a would-be intruder will use software to bombard a website with an endless list of words until the correct one is found. Some people have tried to avoid this by replacing letters with numbers (turning ‘password’ into ‘p455w0rd’, for example) but attackers are aware of this trick and will usually try these too.
Similarly, it’s vital not to choose something so simple or obvious that everyone else could know. This includes using the name or date of birth of someone you know or any person you might admire. Phone numbers or car registration numbers are also a bad idea remember that there will be people out there who know these details about you.
You will hopefully be thinking that this all sounds fairly obvious, yet evidence exists to suggest that users are being blasé when choosing a password. In 2006, a phishing website captured over 35,000 usernames and passwords before it was shut down. Among the top 20 most commonly used passwords were ‘myspace1’, ‘password1’, ‘football1’, and, most alarmingly, ‘password’.
