Creating and Keeping Passwords Secure
We greatly appreciate the sentiment of this journal! We know how hard it is to keep track of which email you’ve used to create a login to a new online service or tool, let alone what the passwords are.
With password requirements being different on each platform, it can be tempting to create one ‘master’ password to be used for each login, or to write them all down in the back of your notebook. There are journals out there for doing exactly that, with ‘Password Journal’ on the cover (great for helping nasty people locate the good stuff). There are some really beautiful ones actually, and some that are relatable, like this one!
How to Master Passwords
Use separate passwords for your online accounts. Otherwise, if one password is cracked, the attacker can access all of your accounts.
Use strong passwords for your accounts, using a combination of letters and numbers.
Steer clear of the usual things like the names of your loved ones, school, work, car, hobby/club/team or other clearly discoverable things – it’s amazing what somebody can easily guess or find out with a quick dive into your socials.
Make sure the security question on your email or bank account is set to something unique too, the default questions can be basic so scroll down to a some
Avoid substitution: kiwibird and k1w1b1rd are equally weak passwords, and any brute force attack* can easily get through.
Don’t use the same password for multiple accounts
To help you remember, it can make sense to have a ‘theme’ for your super secure passwords like bank accounts, and a different theme for your less risky ones. Some ideas: the name of your favourite flower and your bestie’s cell number in reverse, so 209&ngutu037kā47kā20, or your Dad’s favourite song and Mum’s birthday, e.g. Roller23coaster(0657, with a special character thrown in for good measure!
Or, you can go full noise and do what NordPass suggest:
Create a formula that will help you remember the password. For example, you can take any phrase and replace every letter with the next one in the alphabet: cucumbers are tasty -> dvdvncfst bsf ubtuz
Or you can take the first letter from every line of your favourite song. This way, “Shine on you crazy diamond” by Pink Floyd turns into: rsnsybccystswrcc
Sounds like gibberish? That’s what we want. Just don’t forget to add special characters and numbers to make it even more complicated.
OR Shorten each word
Create a phrase and delete the first three letters in every word (in some cases you will delete the whole word, but that’s fine): Laptop running free in the jungle -> top ning e gle
Nord also say that the longer your password is, the better. Many websites ask to create 8-character passwords, but they recommend going for no less than 15 characters.
Needless to say, it’s great to create a system to reduce online hacking risk, but there is the offline risk too. Do think about if and where you write them down. Easily logging in to digital assets and resources is important, but keeping them safe is more so. If you need to write them down, use prompts to remind you instead of the whole password and keep them in a safe place, not somewhere easily found or stolen.
* Kaspersky … What's a Brute Force Attack?
A brute force attack uses trial-and-error to guess login info, encryption keys, or find a hidden web page. Hackers work through all possible combinations hoping to guess correctly.
These attacks are done by ‘brute force’ meaning they use excessive forceful attempts to try and ‘force’ their way into your private account(s).
This is an old attack method, but it's still effective and popular with hackers, because depending on the length and complexity of the password, cracking it can take anywhere from a few seconds to many years.
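To see why kiwibird and k1w1b1rd are equally weak, and why length matters so much against brute force, here is a small strength check. It is an added example, not code from NordPass or Kaspersky; the wordlist, the substitution table and the guessing rate are constructed assumptions for illustration.

```python
import math
import string

# Constructed sample wordlist; a real check would load a large breached-password list.
WORDLIST = {"kiwibird", "password", "rollercoaster", "sunshine"}

# Common look-alike substitutions, mapped back to the letter they replace.
UNLEET = str.maketrans({"1": "i", "0": "o", "3": "e", "4": "a",
                        "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})

GUESSES_PER_SECOND = 1e10  # assumed offline guessing rate, for illustration only


def normalize(password):
    """Lowercase the password and undo look-alike substitutions."""
    return password.lower().translate(UNLEET)


def keyspace_bits(password):
    """Upper-bound size (in bits) of a blind search over the character classes used."""
    pool = 0
    if any(c in string.ascii_lowercase for c in password):
        pool += 26
    if any(c in string.ascii_uppercase for c in password):
        pool += 26
    if any(c in string.digits for c in password):
        pool += 10
    if any(c not in string.ascii_letters + string.digits for c in password):
        pool += 33  # printable ASCII symbols plus space
    return len(password) * math.log2(pool) if pool else 0.0


def assess(password):
    """Return the search-space estimate and whether a wordlist guess would hit it."""
    bits = keyspace_bits(password)
    return {
        "bits": round(bits, 1),
        "years_to_exhaust": 2 ** bits / GUESSES_PER_SECOND / (365 * 24 * 3600),
        "dictionary_based": normalize(password) in WORDLIST,
    }


if __name__ == "__main__":
    for pw in ["kiwibird", "k1w1b1rd", "dvdvncfst", "dvdvncfst bsf ubtuz"]:
        print(pw, assess(pw))
```

The substituted password gains only a few bits on paper and is still found by a wordlist guess, while going from 8 to 15 lowercase characters moves the blind search from seconds to thousands of years at the assumed rate.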
References:
https://nordpass.com/blog/5-strong-password-ideas/
https://www.kaspersky.com/resource-center/definitions/brute-force-attack