Versions Compared

Version Old Version 13 New Version Current
Changes made by

Jessica Clark (Unlicensed)

Queenie Flores

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

How to Make a Strong Password

Although At Wise Owl Legal takes a number of precautions to keep your data secure, in the end, your password is the most important factor in keeping unauthorised people out of your Appliance. A well-chosen password will keep even the most determined hacker from accessing your Appliance. However, a poorly chosen password can grant access to a competitor, a disgruntled employee, or even a teenager with too much time on their hands.

What Makes a Good Password

Three things make a good password:

...

It is hard for someone else to guess.

...

It is easy for you to remember. 

...

, we prioritise your security by generating strong, unique passwords for you—so you don’t have to! But why is this so important? The strength of your password is the cornerstone of protecting your sensitive data. Even though we take numerous precautions to safeguard your information, a poorly chosen password can still open the door to unauthorised access.

Why Strong Passwords Matter

A strong password is your first line of defence against:

  • Hackers attempting to guess their way in.

  • Opportunistic competitors or disgruntled employees.

  • Data breaches on other websites might expose reused passwords.

What Makes a Strong Password

The ideal password is:

  1. Difficult to guess – no personal info, no easy patterns like “123456.”

  2. Easy for you to manage – even if it’s complex, you don’t have to remember it yourself.

  3. Unique to Wise Owl Legal – no password reuse across sites.

The point of a password is so other people can't guess it. It needs to be secret and difficult to guess. If you tell your password to someone else, or if it's so easy to guess your colleague, client or grandmother can guess it, you might as well not have one!

Of course, if your password is so hard to guess that even you can't remember it, well, that's pointless. And, generally, hard-to-guess passwords tend to be hard to remember. Further, because we can only remember perhaps 4 or 5 passwords before we get afraid we might forget something really important (like our address or partner's birthday), we tend to reuse passwords on multiple websites. Password reuse is bad because if the password for your bank is the same as the password for your favourite boutique online shop, and the shop gets hacked, your bank account is wide open for theft.

So there's a compromise you have to make between something really easy like 123456 or password, and 3497zVp63v4IC (although, as you'll see in a moment, that's not entirely true).

How Wise Owl Helps You Stay Secure

Wise Owl Legal takes the hassle out of creating passwords by generating strong, random passwords or passphrases for you. These are created under controlled conditions, ensuring they’re both highly secure and free of personal identifiers. You can let the system manage it entirely or securely store it for reference.

If you'd like to customise your password, the system can generate another strong option for you. Either way, Wise Owl makes sure your password meets the highest standards of security without you lifting a finger!

Step By Step Guides

Here are some step-by-step guides to making a strong password in the recommended order.

Password Managers

The best, and simplest way to make an impossible password is to have the computer generate one for you, and the computer remember remembers it for you.

  1. Generate a new, totally random, unique password like 3497zVp63v4IC.

  2. Store it securely in the password manager.

  3. When you log into Wise Owl Legal, the password manager will automatically copy the password (and even your username too) to your web browser for you.

In a sense, we are "cheating" when remembering the password. But computers remember things really well, so why not get them to do it for you? You may never even see the password it generates, but that's not a bad thing anyway.

There are a variety of high-quality password managers available. Some are free, others cost money. Some work just on Windows, while others can sync with your smart phonesmartphone. Some look really pretty, others look like they were made by a computer programmer. Choose one and use it. For every website you visit.

...

  • 1Password - available on Windows, Mac, Android, iPhone and iPad. From $25.

  • LastPass - free (ad-supported) on Windows and Mac. Android, iPhone and iPad costs $12 / year.

  • KeePass - available on Windows. 3rd party versions are available for Mac, Android, iPhone and iPad. Free.

  • Password Safe - available for Windows only. Free.

...

Other alternatives include using your web browser to remember your password or even good old-fashioned pen and paper.

All web browsers supported by Wise Owl Legal have an option to remember your password. Although this isn't as secure as a dedicated password manager, it means you can choose a longer, more complicated password and just let the browser remember it for you.

Pen and paper is a surprisingly good option, as long as you store the paper securely. A small pocket notepad or several pages in the back of your diary works well.

The down side downside of both the browser and paper options is you still need to create a password. See below for ways to generate one using a system, rather than yourself.

...

The Wise Owl recommends you use the generate password/pass phrase passphrase option.

The password or passphrase generated by Wise Owl Legal for you is actually above the average password quality. As a computer has generated it under controlled conditions, we guarantee it's hard to guess (because it contains no personal information and is totally random). If you don't like it, you can always change it or let the system generate a different one. When you change your Wise Owl Legal password, there is an option for the system to generate a password or passphrase for you.

...

There are a variety of products and systems available to produce passwords and passphrases. Using one of these is better than thinking up your own password up because they ensure it ensures randomness (humans are very bad at being random).

...

.

  • Diceware - uses a printable list of words and dice to select a passphrase. We recommend 4 or more words for an above-quality passphrase. (Wise Owl Legal uses a variation of this system to generate passphrases).

  • Random Word Machine - generates pronounceable yet nonsense words. Put two or three words together to make a secure passphrase.

  • Search for other password generators on the Internet - most generators make passwords like 3497zVp63v4IC, and have options to change the length, what characters appear in it and so forth.

...

First of all, this is the least recommended way to choose your password. Please read the section below about how good password crackers are before trying to make your own password up.

The key to making your own password is being random. Whatever you include in your password must be as random as you can make it, short of being totally unmemorable. Any patterns, rules or personal information you include in it could be guessed by a password cracker.

Info

A long list of don'ts:

  • Don't include any personal information in your password. Hackers commonly use this information to figure out a user's password, sometimes on the first attempt!

    • Don't use your name

    • Don't use any friend or family member's name

    • Don't use any famous name

    • Don't use your birthday (or family birthdays, or important historical dates)

    • Don't use your login name

    • Don't use anything to do with Wise Owl Legal

    • Don't use any information you've posted about yourself on the Internet (eg: on Facebook, Twitter, Google+, etc)

  • Don't choose a word you like, make an o into a zero, an s into a $ and stick your birthday at the end. Hackers will guess past this in seconds.

  • Don't use real words. Hackers have dictionaries containing every word and every name (and many other commonly used passwords). Many of these dictionaries are derived from public sources like Wikipedia, Project Gutenberg, Twitter and Facebook.

  • Don't use any example passwords on this page.

Here's a possible way to make a password:

  1. Choose two words at random. Eg: logic and eraser.

  2. Mix the words up, so they don't appear in their original forms. Feel free to drop a few letters or add new ones

...

  1. to make it easier to remember. Eg: er-log-er-ic-as (hyphens added for clarity).

  2. Take the serial number from your computer (or phone, etc). Eg: 000413247B09

  3. Grab a few numbers from

...

  1. Serial and add them

...

  1. to your new word. Eg: er4-log1-er3-ic2-as4 (hyphens added for clarity).

  2. Drop one of the parts for a final password: log1er3ic2as4 

Even better than a password is a passphrase. Although they tend to be take longer to type, a passphrase can be as secure as 3497zVp63v4IC but much more memorable. E.g. Eg: correct horse battery staple (taken from XKCD).

...

  • You can enter non-English characters as part of your password. If you speak a different language, choose one English word and one in another language. 

    • Or even write an English word out in Japanese characters, for example.

  • Use Diceware to choose your words instead of you.

    • Or let Wise Owl Legal generate a passphrase and you can modify it.

  • Passwords can be as long as you want. So feel free to make a 20 or 30-letter long passphrase.

  • Include spaces between words. 

  • Deliberately misspell words.

  • Don't tell the truth. Instead of choosing your pet's name, choose a headline from page 24 of today's newspaper. And then change the headline.

  • Don't be afraid to write it down. Making something longer and more complex that you write down is better than simple and memorised (and of course, long and memorised is better again!). Just keep your written copy secure (eg: in your wallet).

  • Read some more tips by the makers of OnePass.

...

If you think this page is pointless or overkill, think again. Password crackers are smart, highly  and highly motivated and have developed powerful tools to find your password.  

Any IT-literate person can learn how to crack passwords, and do a decent job of it in one working day. Professional crackers will find up to 90% of passwords in at the same time. They even hold annual competitions to see who can crack the most passwords. They use off-the-shelf hardware, available for a few thousand dollars to attempt billions (trillions for those with deep pockets) of different passwords every second. Even the computer on your desk can check millions of potential passwords each second.

The Wise Owl Legal Password Blacklist was made using the same tools and techniques as real crackers do. We at Wise Owl Legal have had no prior experience cracking passwords, yet obtained millions of real user 's passwords from publicly available leaks.

Don't for a moment think your password is good enough if you've thought it up yourself. Professional crackers will find passwords like qeadzcwrsfxv1331, momof3g8kids and:LOL1313le within 24 hours. If you can think up some tricky scheme to make a password, they'll figure it out - given enough time. And they have much more time than you do; you spend a few minutes by yourself to think a password up. Crackers can spend hours, days or even weeks of time using sophisticated hardware and software programs in a competitive community to find your password.

...