12.03.2006

Passwords, Part 1

Trust me... I don't like them either: passwords (a.k.a. PINs, passphrases). Passwords are synonymous with the computing experience, but few people appreciate the heavy lifting that these words and numbers perform. Because security elsewhere is often poor, passwords are frequently the only line of defense between you and the enemy, so make sure your passwords are good, strong passwords.

A strong password has the following characteristics:

  • Length: the longer your password, generally the better. Eight characters* or more is generally considered the minimum.

  • Variety: use the weird characters on your keyboard (e.g. $5?:!}+*3). The only real reason keyboard makers put those characters on there is so that we can have better passwords. You paid for the extra keys, so go ahead and use them!

  • Early Death: euthanize your passwords regularly. If the bad guy gets a password, you can give him a rude awakening when the password stops working. 30 to 90 days is a good maximum lifespan* for a healthy password.

  • Secrecy: Stop taping your password to your monitor. Stop giving your password to your friends. Passwords like their privacy too.

  • Seldom Used: Don't make your poor password slave away all the time. Pick different passwords for each application and each website. This goes hand-in-hand with the secrecy issue. Why give your bank password to the staff at Blockbuster Online?

* Since this is being written in Dec 2006, the guidelines on length and lifespan may change as computers get faster.
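An added example (not part of the original post): a short Python audit that applies the checkable characteristics above (length, variety, lifespan, one password per site) to a password inventory. The site names, passwords, dates and function names are constructed for illustration, and the 90-day limit is the upper end of the range given above; secrecy cannot be checked in code.

```python
import string
from collections import defaultdict
from datetime import date

MIN_LENGTH = 8      # the post's minimum length
MAX_AGE_DAYS = 90   # upper end of the post's 30-to-90-day lifespan

def has_symbol(password):
    """True if the password uses any keyboard punctuation character."""
    return any(ch in string.punctuation for ch in password)

def audit(entries, today):
    """entries: list of (site, password, date_set). Returns {site: [findings]}."""
    # Group sites by password so reuse across sites can be flagged.
    sites_by_password = defaultdict(list)
    for site, password, _ in entries:
        sites_by_password[password].append(site)

    report = {}
    for site, password, date_set in entries:
        findings = []
        if len(password) < MIN_LENGTH:
            findings.append("too short")        # Length
        if not has_symbol(password):
            findings.append("no symbols")       # Variety
        if (today - date_set).days > MAX_AGE_DAYS:
            findings.append("expired")          # Early Death
        if len(sites_by_password[password]) > 1:
            findings.append("reused")           # Seldom Used
        report[site] = findings
    return report

# Constructed sample inventory (hypothetical sites and passwords).
SAMPLE = [
    ("bank.example", "summer06", date(2006, 6, 1)),
    ("movies.example", "summer06", date(2006, 6, 1)),
    ("mail.example", "t}4Qz:9!mW+e", date(2006, 11, 20)),
    ("forum.example", "abc", date(2006, 11, 30)),
]

if __name__ == "__main__":
    for site, findings in audit(SAMPLE, date(2006, 12, 3)).items():
        print(site, "->", ", ".join(findings) or "ok")
```
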

In a future post, I will help you figure out how to remember all of these long, complicated, obnoxious passwords.

Chalmer
