→ → Choosing good passwords
Some general tips on how to choose your password
Strengthening your password is the first step towards your data security and privacy. However, a complicated password doesn't necessarily mean good password. This is pointed out best by an xkcd article:
(Image courtesy of xkcd.com.)
There are online password generators, such as this one, but the best practice is to use only locally installed programs, eg. xkcdpass. All this sometimes is not available (when you are in the middle of installing process, for example) and then you will have to rely on your own judgement. You should pay attention to these (obvious) things:
- it must be reasonably long
- it must be memorable
Xkcd comic 936 indeed gives a good advice: your password strength lies in its length. One example of a process of choosing a password:
Your birthday is 22nd of May, 1984. Your favourite book is Dubliners by Joyce.
- open the book at page 22 (day of birth)
- go to line 5 (month of birth)
- choose 1st, 9th, 8th and 4th word from that line (year of birth)
The result here would be: siege, least, have and failure (skip short words). We will check siegeleasthavefailure on the password checker: 410 BILLION YEARS for a computer to crack it. Sounds good. The advantage here is that you can deduce your password in case you forgot it (you only need to use the same book). You can also add numbers for additional length: for example, add last three digits of the book's author year of birth between each word. Our example password would then look like this: siege8least8have2failure. Read it out loud: you have already remembered it, haven't you?