Choosing good passwords
Updated 470 Days AgoPublic

Main PageGeneral RecommendationsChoosing good passwords

Some general tips on how to choose your password


Strengthening your password is the first step towards your data security and privacy. However, a complicated password doesn't necessarily mean good password. This is pointed out best by an xkcd article:

password strength

(Image courtesy of xkcd.com.)

There are online password generators, such as this one, but the best practice is to use only locally installed programs, eg. xkcdpass. All this sometimes is not available (when you are in the middle of installing process, for example) and then you will have to rely on your own judgement. You should pay attention to these (obvious) things:

  • it must be reasonably long
  • it must be memorable

Xkcd comic 936 indeed gives a good advice: your password strength lies in its length. One example of a process of choosing a password:

NOTE: The following is just a suggestion of a password inducing method. You can check online for more methods, some of them including throwing a dice and thus adding more randomness to your password.

Your birthday is 22nd of May, 1984. Your favourite book is Dubliners by Joyce.

  • open the book at page 22 (day of birth)
  • go to line 5 (month of birth)
  • choose 1st, 9th, 8th and 4th word from that line (year of birth)

The result here would be: siege, least, have and failure (skip short words). We will check siegeleasthavefailure on the password checker: 410 BILLION YEARS for a computer to crack it. Sounds good. The advantage here is that you can deduce your password in case you forgot it (you only need to use the same book). You can also add numbers for additional length: for example, add last three digits of the book's author year of birth between each word. Our example password would then look like this: siege8least8have2failure. Read it out loud: you have already remembered it, haven't you?

NOTE: You should not check your real passwords on online password strength checkers.
Last Author
mladen.pejakovic
Subscribers
None
Projects
None