...

The key to making your own password is randomness. Whatever you include in your password must be as random as you can make it, short of being totally unmemorable.

A long list of don'ts:

  • Don't include any personal information in your password. Hackers commonly use this information to figure out a user's password, sometimes on the first attempt!
    • Don't use your name
    • Don't use any friend or family member's name
    • Don't use any famous name
    • Don't use your birthday (or family birthdays, or important historical dates)
    • Don't use your login name
    • Don't use anything to do with Wise Owl Legal
    • Don't use any information you've posted about yourself on the Internet (eg: on Facebook, Twitter, Google+, etc)
  • Don't choose a word you like, make an o into a zero, an a into an at symbol and an s into a $ and stick your birthday at the end. Hackers will guess past this in seconds.
  • Don't use real words. Hackers have dictionaries which contain every word and every name (and a bunch of other commonly used passwords).
  • Don't use any example passwords on this page.

...

  1. Choose two words at random. Eg: logic and eraser.
  2. Mix the words up, so they don't appear in their original forms. Feel free to drop a few letters or add new ones in to make it easier to remember. Eg: er-log-er-ic-as (hyphens added for clarity).
  3. Take the serial number from your computer (or phone, etc). Eg: 000413247B09
  4. Grab a few numbers from the serial number and add them into your new word. Eg: er4-log1-er3-ic2-as4 (hyphens added for clarity).
  5. Drop one of the parts for a final password: log1er3ic2as4

Even better than a password is a passphrase. Although they tend to be longer to type, a passphrase can be as secure as 3497zVp63v4IC but much more memorable. Eg: correct horse battery staple (taken from XKCD).

...

  • You can enter non-English characters as part of your password. If you speak a different language, choose one English word and one in another language. 
    • Or even write an English word out in Japanese characters.
  • Use Diceware to choose your words for you.
    • Or let Wise Owl Legal generate a passphrase and you can modify it.
  • Passwords can be as long as you want. So feel free to make a 20 or 30 letter long passphrase.
  • Include spaces between words. 
  • Deliberately misspell words.
  • Don't tell the truth. Instead of choosing your pet's name, choose a headline from page 24 of today's newspaper. And then change the headline so it's wrong.
  • Don't be afraid to write it down. Making something longer and more complex that you write down is better than simple and memorised (and of course, long and memorised is better again!).
  • Read some more tips by the makers of OnePass.
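The passphrase and Diceware advice above, worked through as an added example (not part of the original page): it picks words with the operating system's random number generator and works out how many words match a random 13-character password. It assumes a password like 3497zVp63v4IC is drawn uniformly from the 62 letters and digits; the 16-word list is constructed for the demo, and the function names are illustrative.

```python
import math
import secrets

# Constructed sample list for the demo only. A real Diceware list has
# 7776 entries, one per outcome of five six-sided dice (6**5).
SAMPLE_WORDS = ("anchor bramble cobalt dune ember fjord gravel hollow "
                "inlet juniper kettle lantern meadow nickel orchard pebble").split()
DICEWARE_LIST_SIZE = 6 ** 5


def entropy_bits(choices: int, picks: int) -> float:
    """Entropy when `picks` items are drawn uniformly and independently
    from `choices` possibilities."""
    return picks * math.log2(choices)


def words_needed(target_bits: float, list_size: int) -> int:
    """Smallest number of random words whose entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(list_size))


def generate_passphrase(wordlist, count: int, sep: str = " ") -> str:
    """Choose words with the OS CSPRNG, not random.choice and not a human."""
    if len(set(wordlist)) != len(wordlist):
        raise ValueError("duplicate words lower the entropy per word")
    return sep.join(secrets.choice(wordlist) for _ in range(count))


if __name__ == "__main__":
    # Assumption: 13 characters drawn uniformly from a-z, A-Z and 0-9.
    target = entropy_bits(62, 13)
    count = words_needed(target, DICEWARE_LIST_SIZE)
    print(f"13 random letters/digits: {target:.1f} bits")
    print(f"4 Diceware words:         {entropy_bits(DICEWARE_LIST_SIZE, 4):.1f} bits")
    print(f"words needed to match:    {count}")
    # The demo list is tiny, so this output is weak; use a full list for real.
    print("demo passphrase:", generate_passphrase(SAMPLE_WORDS, count))
```

The figures only hold when every word is chosen at random; swapping a generated word for one you prefer reduces the entropy.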

...

Any IT-literate person can learn how to crack passwords, and do a decent job of it in one working day. Professional crackers will find up to 90% of passwords in the same time. They even hold annual competitions to see who can crack the most passwords. They use off-the-shelf hardware, available for a few thousand dollars, to attempt billions (trillions for those with deep pockets) of different passwords every second. Even the computer on your desk can check millions of potential passwords each second.

Don't for a moment think your password is good enough if you've thought it up yourself. Professional crackers will find passwords like qeadzcwrsfxv1331, momof3g8kids and :LOL1313le within 24 hours. If you can think up some tricky scheme to make a password, they'll figure it out, given enough time. And they have much more time than you do: you spend a few minutes by yourself thinking a password up, while crackers can spend hours, days or even weeks using sophisticated hardware and software in a competitive community to find your password.

Seriously, just use a password manager; let your computer and your iPhone do the hard work for you.

...