A Good Bad Password

Disclaimer: This is not the ideal way to generate a password. The best way to generate a good and strong password is by using password manager apps. Read more about this in my previous post here.

This is an OKAY way to quickly generate a memorable password and can be used for less serious online accounts or throwaway online accounts that are in no way connected to your other important accounts like Gmail, Facebook, etc.

I don’t recommend this but it is much better than using “test”, “root”, “admin” or “pass123” type of passwords.

Ok! Now that I have clarified what this is about, let’s look at how to generate a good bad password.

The Good Bad Formula

I suggest the following quick and dirty formula to generate a password/passcode:

capital_letter + first_three_char_of_service_name + symbol + numbers

For example, if I had to generate a password for a throwaway reddit account using the formula above, it would be:

  • Capital Letter: O
  • First three characters of a service name: red
  • A symbol: #
  • Numbers: 892

The result: Ored#892

I’d always remember this password because I could always generate it just by looking at the service name (which is reddit in this case).

Again, I don’t recommend this for all your passwords. For serious, sensitive and important stuff, please use a password generator app and follow the security measures listed in my previous post.

Security 101: Passwords

Using a strong password is the first step in keeping your internet account secure. But how strong does it need to be? How do you generate it? How do you remember it? Where do you store it? How do you store it? Should you store it anywhere at all? Let’s answer these questions in this post.

Unique Passwords

First of all, never use the same password in two different places or services. Why? Because if one of them is compromised, you will lose control of everything else.

For example, if you use the same password for your Google and Facebook accounts and one of them is hacked, there’s a good chance the hacker will get into your other account.

Choose a unique password for each service and store it some place safe (not your memory). More about it later in this post.

No Repeat Passwords

Have you ever tried resetting the password to your bank account? If so, you must’ve noticed they don’t let you use a password you’ve used in the past. This is a security measure.

Never use repeat passwords. Always generate new ones!

Password Strength

A strong password is a mix of letters, numbers and symbols, and usually has a length of more than 8 characters in total (more is better). It doesn’t contain any “word” or “phrase” and is hard to guess. For example: kjUld3%6

You may be wondering how to create or generate such a password. Also, you may have noticed that I’ve used the word “generate” multiple times in this post. That’s because I recommend that you generate a password using a password manager app. More on that in the next section.

Generating Passwords

I recommend using a password manager app like 1Password or LastPass. I personally use 1Password but feel free to use any; they all mostly have the same features.

They’re paid apps but if you care about the security of your internet accounts, investing in a good password manager app is the right thing to do.

1Password – Password Generation Screen

The screenshot above illustrates what the password generation screen looks like in an app like 1Password. You can see it gives you an option to customize your password by choosing its length, symbols, numbers, etc.
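An added example (not from the original post and not 1Password's code) showing both approaches from these posts in Python: good_bad_password implements the formula from the first post, and generate_password does what a generator with length, number and symbol options does. The symbol set and the second service name are constructed for illustration.

```python
import math
import secrets
import string

SYMBOLS = "!@#$%^&*-_=+?"  # constructed symbol set; real apps pick their own

def good_bad_password(service, capital="O", symbol="#", numbers="892"):
    """The post's formula: capital + first 3 chars of service + symbol + numbers."""
    return capital + service[:3].lower() + symbol + numbers

def shared_positions(a, b):
    """Count positions where two passwords carry the same character."""
    return sum(x == y for x, y in zip(a, b))

def _classes(use_digits, use_symbols):
    classes = [string.ascii_lowercase, string.ascii_uppercase]
    if use_digits:
        classes.append(string.digits)
    if use_symbols:
        classes.append(SYMBOLS)
    return classes

def generate_password(length=16, use_digits=True, use_symbols=True):
    """Random password from the OS CSPRNG (secrets), never the random module."""
    classes = _classes(use_digits, use_symbols)
    if length < len(classes):
        raise ValueError("length too short to include every selected class")
    alphabet = "".join(classes)
    while True:
        # Draw uniformly, retry until every selected class is present.
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if all(any(ch in cls for ch in candidate) for cls in classes):
            return candidate

def entropy_bits(length, use_digits=True, use_symbols=True):
    """Upper bound in bits: length * log2(alphabet size)."""
    size = sum(len(c) for c in _classes(use_digits, use_symbols))
    return length * math.log2(size)

if __name__ == "__main__":
    reddit = good_bad_password("reddit")   # the post's own example
    other = good_bad_password("github")    # constructed second service
    print(reddit, other, shared_positions(reddit, other), "of 8 characters repeat")
    print(generate_password(20), round(entropy_bits(20), 1), "bits")
```

Two formula passwords differ only in the three service-name characters, which is why the formula is kept to throwaway accounts while generated passwords share nothing between services.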

Storing Passwords

Again, a password manager app will do this job for you. The only thing you’ll need to remember is a master password to the password manager app. Once that’s entered, you can access all your account credentials (usernames & passwords).

You may wonder how this is secure, especially because all your accounts will be at stake if your master password is compromised.

You’re right, but there’s an added layer of security using something called a secret key. If you’d like to read more about how that works, please check out this good article on 1Password’s official blog.

Conclusion

To conclude: Please always use a password manager app if you can afford one. It is a small investment and will help you stay secure.

Don’t use repeat passwords, don’t use words or phrases in your password, don’t write it down on a physical piece of paper, don’t share it with anyone (not even with your s/o unless absolutely necessary).

Do use unique passwords. Do use letters, numbers and symbols in your password. Do change your password every 6 months or a year if you can. Do use two step verification (also called 2FA – Two Factor Authentication). Do log out after you are done, especially if you are using a public computer.

Most password manager apps have an option to add a 2FA code. If yours has one, I recommend using that over other “Authenticator” apps. Why? Because you can get your 2FA code via the desktop/mobile app even if you don’t have access to your mobile phone.

That’s all in this post. I plan to write more on this subject in the future but for now I think I have covered enough to get you started with online security.