The Web is now full of advice on how to manage one’s passwords, with very long lists of the do’s and don’ts of creating a hacker-proof or, more realistically, acquaintance-proof one.
There is much confusion, but on one thing all experts agree: a good password should be both easy to remember and hard to guess.
If it is too short, it will be easy to guess.
If it is too long, it will be difficult to remember.
So what are the steps to take to choose an effective password?
Method 1: numbers and special characters
According to NIST, the U.S. National Institute of Standards and Technology, the best policy for creating a good password is:
- At least 8 characters
- Lowercase letters
- Capital letters
- Numbers
- Special characters
“Apple Pie” can thus become:
- @ppL3pie
- appl&p1E
- aPP|ep!3
Or other such combinations.
Method 2: Three Random Words
The UK’s National Cyber Security Centre instead suggests the “three random words” technique, with no need for numbers or special characters.
For example: parasolmanigliacannuccia
Both are good methods, providing some level of security. But why not combine them, for an even stronger password?
Method 3: Passphrase
The advantage of using a Passphrase, i.e., a full, meaningful sentence as a password, is definitely ease of memorization.
For example: m1like the ice cream!
It is a very easy sentence to remember, and by inserting numbers and symbols it quickly becomes very complex as well.
And once you have chosen the password?
The easiest and most secure option is to use a Password Manager. A Password Manager is software that lets you save all your passwords in one secure place, conveniently accessible via an app. The advantage is that you won’t have to remember dozens and dozens of different passwords, risking confusion or, worse, ending up writing them down on post-it notes hidden around the house or in your cell phone’s notes.
You only need to remember one, the one to access the Password Manager: the Master Password.
The best option is then to use a Password Manager, and set a Passphrase as the Master Password as seen above. All other passwords you can generate automatically within the Password Manager.
Hacker-proof advice!
Curiosity!
- Have you ever wondered how to calculate the complexity of a password?
- There are free sites, such as NordPass, that allow you to check what passwords are most commonly used. Spoiler alert: yes, the first one is 123456.
- Even a good password alone is not enough. Soon we will tackle the topic of multi-factor authentication to find out what it consists of and why it is critical when it comes to cyber security.
- In any case, remember: never save passwords in browsers. They are almost all saved in plain text!
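On the question of how to calculate the complexity of a password, the following Python code is an added example, not part of the original article. It computes the usual character-set bound for the sample passwords above and checks whether each one is really just dictionary words in disguise. The small word set, the substitution table, the random string kT9#vq2Z and the 7776-word list size are assumptions made for the illustration.

```python
import math
import string

# Constructed sample dictionary; a real checker would load a large wordlist.
WORDS = {"apple", "pie", "parasol", "maniglia", "cannuccia"}
# Common look-alike substitutions mapped back to letters (assumed, not exhaustive).
LEET = str.maketrans({"@": "a", "3": "e", "&": "e", "1": "i", "!": "i", "|": "l", "0": "o", "$": "s"})
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, string.punctuation)

def charset_size(pw):
    """Alphabet size implied by the character classes that appear in pw."""
    return sum(len(cls) for cls in CLASSES if any(c in cls for c in pw))

def brute_force_bits(pw):
    """log2(charset ** length): an upper bound that holds only for random characters."""
    size = charset_size(pw)
    return len(pw) * math.log2(size) if size else 0.0

def random_words_bits(n_words, wordlist_size):
    """Entropy of n_words drawn uniformly at random from a list of wordlist_size words."""
    return n_words * math.log2(wordlist_size)

def undo_leet(pw):
    """Lowercase pw and reverse the substitutions in LEET."""
    return pw.lower().translate(LEET)

def split_words(text):
    """Return the dictionary words that spell text, or None if there is no such split."""
    if not text:
        return []
    for i in range(1, len(text) + 1):
        if text[:i] in WORDS:
            rest = split_words(text[i:])
            if rest is not None:
                return [text[:i]] + rest
    return None

def assess(pw):
    """Pair the naive bound with the dictionary words hiding behind pw, if any."""
    return {"upper_bound_bits": round(brute_force_bits(pw), 1), "words": split_words(undo_leet(pw))}

if __name__ == "__main__":
    for pw in ("@ppL3pie", "appl&p1E", "aPP|ep!3", "parasolmanigliacannuccia", "kT9#vq2Z"):
        print(pw, assess(pw))
    # 7776 is an assumed wordlist size (the size of a five-dice Diceware list).
    print("three random words:", round(random_words_bits(3, 7776), 1), "bits")
```

All three “Apple Pie” variants report the same bound of about 52 bits yet reduce to the same two dictionary words, so the bound overstates their strength. Three words drawn at random from a 7776-word list carry about 38.8 bits by construction.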