Passwords are the currency of the Digital Age. People use passwords to log in to email accounts, online games, bank accounts, credit card accounts, online forums, social networking sites, and every other password-protected corner of the Internet. In order to remember and keep track of all the logins of their lives, a lot of people use the same one, two, or three passwords. What’s more, many people use passwords that have very poor password security — names, nicknames, dates of birth, maiden names, and other obvious and predictable information.
These approaches to password security are very risky, because once thieves guess or otherwise gain access to one login, they can usually access many different pieces of victims’ information and wreak havoc on their personal and financial lives.
It’s important to understand that password complexity relates directly to password security. Sophisticated identity thieves use programs that generate passwords using combinations of personal information, such as phone numbers, addresses, family middle names, and more. These programs are capable of many thousands of login attempts per hour.
Since passwords grant access to bank and credit card accounts and a variety of other aspects of people’s lives, the stakes are very high. It’s each person’s responsibility to use a new password for every login and to make sure that each is complex and unique.
- Obvious combinations, such as abc123, yournamexyz or yourname1, combinations of addresses and phone numbers, or your
- mother’s maiden name
- Any part of the user name with a slight variation for the password
- The word “password”
- 123456789 or a similar string of sequential numbers or letters
- Words in the dictionary that a hacker using a dictionary program can easily hack
- Any personal information at all
How can you improve your password complexity to improve your password security? Passwords should always:
- Be at least six characters long
- Be unique to each login
- Be changed at least once a month
- Contain a mixture of upper- and lowercase letters, numbers, and symbols, such as *, ^, }, |, ), _ and others
There are various methods you can use to create complex passwords that are impossible to guess but relatively easy for you to remember. One approach is to relate one of your favorite songs, poems, or quotes to the website or account in question. For example, if you’re creating a password for your bank account, you might start with the old saying, “A fool and his money are soon parted.” That axiom is too long to use as a password, but you can easily whittle it down to “aF&H$RsP,” for instance, which translates as follows:
- “a” represents “A”
- “a” represents “A”
- “F” represents “fool” (to add complexity, every second “word” in this password is initial-capped)
- “&” represents “and” (for obvious reasons)
- “H” represents “his” (initial-capped)
- “$” represents “money” (for obvious reasons)
- “R” represents “are” (and is capitalized as past of the “every second ‘word’ is initial-capped” rule)
- “s” represents “soon”
- “P” represents “parted” (initial-capped)
When it comes to password complexity, some people consider this a good rule of thumb: If it’s impossible for you to remember it, then it’s a good password. That rule of thumb, however, flies in the face of a hard-and-fast rule about passwords: Never write them down. Most people break that rule at one time or another, but even if you break it, you should follow this rule: Never store your passwords in an easily accessible location. Don’t leave them on your desktop, don’t tape them to your monitor screen, and don’t keep them in your wallet or purse.
At a time when millions of people become identity theft victims every year, a sober approach to password security and complexity is a big part of preventing identity theft. The very least you can do is make it difficult for others to guess (or find) your passwords.