Choosing your passwords

As you all know, passwords are one of the main issues why hacking can be easily done. When I was a little child, I remember my first chosen password for my first account ever — on A word that I took from one of my favourite cartoon characters. My password, was the simplest word that came to mind at that time. Growing up, I repeatedly kept using it for various accounts, as it was the only word stuck in my head. It was easy for me to remember and if I’m not mistaken, back in the days there were very few or none websites that asked you to follow a few simple rules while creating your password. For instance, nowadays every website will ask you to include upper and lowercase letters, numbers and sometimes even symbols to opt for a high security password. Lately, even password generators were created for those people who may have a problem with creating a secure one. At times, even recovery questions are enforced while making up a password to ensure a lower risk of being hacked.

Recovery questions are straight forward questions which a new user has to answer — while remembering that answer for future reference, in order to sign up for a new account with a particular website. These questions ask for simple information, such as: “name of your first pet” and “your mother’s maiden name”, which have an easy-to-remember answer, usually referring to a personal life-event. How should I use these questions? While I highly encourage filling up these questions, especially in case of forgetting or losing your password, I also suggest opting for the fancier questions.

One would ask; why choosing the more difficult questions if they are meant to be easy-to-remember and straight forward. Truth is that while recovery questions are pretty much safe when dealing with hackers from all around the world, one must also keep in mind other harmful users, closer to your social circle who might be more exposed to certain information about your personal life. Another turn around would be, using a fake answer to any of the questions available, even though this might eventually be a little more tricky to remember yourself in the future.

So here are some simple steps on how you can create a complex password and how to protect it

1. Make use of both upper and lowercase letters

2. Include numbers

3. Include special characters

4. Choose a random sentence even if this does not make sense to everyone else.

5. Your password needs to be at least 8 characters long (even though some say 6 characters are enough)

6. Do not write your password on a piece of paper stored in your purse, wallets, phones, notebooks, etc.

7. Keep note of your password somewhere safe i.e. at home or with protected with an encrypted password.

8. Never send your password by e-mail or any other types of virtual communication.

9. Avoid using names and places that other people might associate with you

10. Never give out your password to anyone

11. Don’t use just one password for different website or accounts

This blog is a project for Study Unit MCS3953, University of Malta.