...

Although Wise Owl Legal takes a number of precautions to keep your data secure, in the end, your password is the most important factor in keeping unauthorised people out of your Appliance. A well chosen password will keep even the most determined hacker from accessing your Appliance, while a poorly chosen password can grant access to a competitor, a disgruntled employee, or even a teenager with too much time on their hands.

...

Three things make a good password:

  1. It is hard for someone else to guess.
  2. It is easy for you to remember.
  3. It is not reused on some other website.

...

Of course, if your password is so hard to guess that even you can't remember it, well, that's pointless. And, generally, hard-to-guess passwords tend to be hard to remember. Further, because we can only remember perhaps 4 or 5 passwords before we get afraid we might forget something really important (like our address or partner's birthday), we tend to reuse passwords on multiple websites. Password reuse is bad because if the password for your bank is the same as the password for your favourite boutique online shop, and the shop gets hacked, your bank account is wide open for theft.

So there's a compromise you have to make between something really easy like 123456 or password, and 3497zVp63v4IC (although, as you'll see in a moment, that's not entirely true).

...

  1. Generate a new, totally random, unique password like 3497zVp63v4IC.
  2. Store it securely in the password manager.
  3. When you log into Wise Owl Legal, the password manager will automatically copy the password (and even your username too) to your web browser for you.

...

There are a variety of high quality password managers available. Some are free, others cost money. Some work just on Windows, others can sync with your smart phone. Some look really pretty, others look like they were made by a computer programmer. Choose one and use it. For every website you visit.

...

Pen and paper is a surprisingly good option, as long as you store the paper securely. A small pocket notepad or several pages in the back of your diary works well.

The downside of both the browser and paper options is that you still need to create a password. See below for ways to generate one using a system, rather than yourself.

...

The password or passphrase generated by Wise Owl Legal for you is actually of above-average quality. As a computer has generated it under controlled conditions, we guarantee it's hard to guess (because it contains no personal information and is totally random). If you don't like it, you can always change it or let the system generate a different one. When you change your Wise Owl Legal password, there is an option for the system to generate a password or passphrase for you.

If you keep using that password and keep the page with your original login details in a secure location (eg: your wallet or with documents like your passport) and don't tape it to your computer screen, you'll be more secure than 95% of people.

Generate One Using A System

There are a variety of products and systems available to produce passwords and passphrases. Using one of these is better than thinking your own password up because they ensure randomness (while humans are very bad at being random).

  • Diceware - uses a printable list of words and dice to select a passphrase. We recommend 4 or more words for an above-average quality passphrase. (Wise Owl Legal uses a variation of this system to generate passphrases).
  • Random Word Machine - generates pronounceable yet nonsense words. Put two or three words together to make a secure passphrase.
  • Search for password generator on the Internet - most generators make passwords like 3497zVp63v4IC and have options to change the length, which characters appear in it, and so forth.
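
The Diceware procedure above, as an added Python example (not Wise Owl Legal's generator and not code from the original page): five dice rolls select one word from a 7776-word list, and each word adds about 12.9 bits of entropy. The word list is a constructed stand-in built from syllables and the function names are assumptions; real use would load a published Diceware list.

```python
import math
import secrets

# Constructed stand-in for a real Diceware list: 7776 (6**5) unique,
# pronounceable nonsense words built from consonant-vowel syllables.
CONSONANTS = "bdfghjklmnprstvwyz"          # 18 consonants
VOWELS = "aeiou"
SYLLABLES = [c + v for c in CONSONANTS for v in VOWELS]            # 90 syllables
WORDLIST = [a + b for a in SYLLABLES for b in SYLLABLES][:6 ** 5]  # 8100 -> 7776


def roll_dice(count=5):
    """Roll `count` six-sided dice using the operating system's CSPRNG."""
    return [secrets.randbelow(6) + 1 for _ in range(count)]


def rolls_to_index(rolls):
    """Read the rolls as a base-6 number: 1-1-1-1-1 -> 0, 6-6-6-6-6 -> 7775."""
    index = 0
    for r in rolls:
        if not 1 <= r <= 6:
            raise ValueError("each die must show 1 to 6")
        index = index * 6 + (r - 1)
    return index


def passphrase(n_words=4):
    """Pick each word with five independent dice rolls."""
    if n_words < 4:
        raise ValueError("use 4 or more words, as recommended above")
    words = [WORDLIST[rolls_to_index(roll_dice())] for _ in range(n_words)]
    return " ".join(words)


def entropy_bits(n_words, list_size=len(WORDLIST)):
    """Guessing cost even when the attacker knows the list and the method."""
    return n_words * math.log2(list_size)


if __name__ == "__main__":
    print(passphrase(4))
    print(f"{entropy_bits(4):.1f} bits of entropy")
```

The strength comes from the dice, not from keeping the word list secret: the entropy figure assumes the attacker has the same list.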

...

First of all, this is the least recommended way to choose your password. Please read the section below about how good password crackers are before trying to make your own password up.

The key to making your own password is being random. Whatever you include in your password must be as random as you can make it, short of being totally unmemorable. Any patterns, rules or personal information you include in it could be guessed by a password cracker.

A long list of don'ts:

  • Don't include any personal information in your password. Hackers commonly use this information to figure out a user's password, sometimes on the first attempt!
    • Don't use your name
    • Don't use any friend or family member's name
    • Don't use any famous name
    • Don't use your birthday (or family birthdays, or important historical dates)
    • Don't use your login name
    • Don't use anything to do with Wise Owl Legal
    • Don't use any information you've posted about yourself on the Internet (eg: on Facebook, Twitter, Google+, etc)
  • Don't choose a word you like, make an o into a zero, an s into a $ and stick your birthday at the end. Hackers will guess past this in seconds.
  • Don't use real words. Hackers have dictionaries containing every word and every name (and many other commonly used passwords). Many of these dictionaries are derived from public sources like Wikipedia, Project Gutenberg, Twitter and Facebook.
  • Don't use any example passwords on this page.
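
A password-change form can enforce several of these don'ts before accepting a new password. The check below is an added Python example, not Wise Owl Legal's code: it undoes the common character swaps and trailing digits described above, then looks for dictionary words and personal details. The word set, substitution table and function names are constructed for illustration.

```python
import re

# Constructed sample data: a real check would load a large list of
# dictionary words, names and commonly used passwords.
COMMON_WORDS = {"password", "monkey", "dragon", "sunshine", "welcome"}

# Character swaps people assume are clever (o -> 0, s -> $, and so on).
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "$": "s", "@": "a", "!": "i"})


def candidates(password):
    """Return the forms of the password a dictionary check should inspect."""
    lowered = password.lower()
    # Drop a trailing run of digits/symbols such as a birth year or '!!'.
    stripped = re.sub(r"[\d\W_]+$", "", lowered)
    return {lowered, lowered.translate(LEET), stripped.translate(LEET)}


def weaknesses(password, personal_info=()):
    """List the reasons to reject `password`; an empty list means none found."""
    found = []
    forms = candidates(password)
    for word in COMMON_WORDS:
        if any(word in form for form in forms):
            found.append(f"contains dictionary word '{word}'")
    for item in personal_info:
        item = item.lower()
        # Ignore very short items to avoid flagging accidental matches.
        if len(item) >= 3 and any(item in form for form in forms):
            found.append(f"contains personal information '{item}'")
    return sorted(found)


if __name__ == "__main__":
    # Constructed inputs: login name and birth year as personal information.
    print(weaknesses("M0nk3y1984", ["alice", "1984"]))
    print(weaknesses("gozu biha remo dapi", ["alice", "1984"]))
```

An empty result only means none of these specific patterns were found; it does not show the password is random.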

...