How to Choose and to Protect Passwords - dummies

By Ryan C. Williams

When you set up an e-mail account — or any account — on the Internet, you have to set a password, which is the keyword you type in to confirm your sign-in along with your user ID.

Passwords are not only used in e-mail, but also on almost every website you become a member of, and with many apps and devices. If you have a strong password, hackers will pass by your account and attempt to hack an easier target.

Picking a good password is not as thought-free — but is twice as important — as it may seem. Whoever has your password can (in effect) be you anywhere on the web — posting comments, sending spam e-mail messages, and leaving dangerous messages (which can range from pranks to scams or worse) for others to see. Basically, such an impostor can ruin your online reputation and possibly cause you serious financial grief.

So what goes into creating a fool-proof password? You could slam your hands into the keyboard and go with those results, but odds are you wouldn’t remember what you entered. And you’d hurt your hands, but that’s a different concern. Take a look at these more practical solutions:

  • Don’t pick obvious passwords. Don’t use your first name or last name, or your dog’s name, or your spouse’s name, or your birthday, or your birthday backward, or common words in English, or any other common language. Someone who really wants to get access to your computer already knows to try this kind of personal information first.

    If you aren’t feeling creative or otherwise up to the task of inventing random passwords, you can find freeware and shareware password-generating applications by visiting CNET’s and searching for Password.

  • Create longer passwords. The longer the password, the better — 10,000 combinations are possible with a 4-digit password. The number of possible combinations for a 5-digit password is 100,000 (or 10x10x10x10x10). For a 6-digit password, the number is 1 million combinations.

  • Use both numbers and letters. Throw a few letters into the password, and you really make things complicated. A 4-character password consisting of both letters and numbers has 1,679,616 possible combinations. (That’s 10+26×10+26×10+26×10+26, for you math fans.) For a 5-character password, 60,466,176 combinations are possible.

  • Throw in a few symbols, like $, &, % and *, just to make guessing your password even harder. The reason is obvious. Sometimes a software program or your operating system doesn’t let you use nonalphanumeric characters, but if your system lets you, you certainly should! (This advice applies to your Internet Service Provider and other online passwords as well.)

    A good password looks something like this: kl5K8$d.

Do the math, and you may suddenly feel very confident. After all, 10,000 possible combinations exist for a 4-digit password (for you math majors, that’s 10x10x10x10 = 10,000). But, how long would it take a hacker to try all 10,000 of those combinations? With good password-cracking software — available for free from the web, of course — all it takes is about a minute.

You’d be surprised how many people use password or passwd as their login password. You can probably guess that these aren’t strong passwords. These passwords are usually default passwords and need to be changed immediately. People use them because they’re easy to remember. The following are the ten most commonly used passwords:

  • password

  • 123456

  • 12345678

  • Abc123

  • qwerty

  • monkey

  • letmein

  • dragon

  • 111111

  • baseball

Do not use any of these passwords. Most of the password-cracker programs have these passwords in them.

With any password, you should follow these common-sense rules to protect your privacy:

  • Don’t give your password to anyone — it’s like giving away the keys to the front door of your house.

  • If you even suspect that someone has your password, immediately change it.

  • Change your password every few months just to be on the safe side. Maybe even rotate a group of passwords over the various accounts you use.