Getting Comfortable With The Basics

Use Strong Passwords

Your passwords are the keys to your internet life. Use strong passwords and keep the bad guys out.

Naked Security's video on How to Pick a Proper Password
Two-factor authentication
Creating One Strong Easy to Remember Password
Consider a password manager
XKPasswd – Secure Memorable Passwords Generator

Don't reuse passwords:

  • The best security in the world is useless if a malicious person has a legitimate username and password. They can do everything you can do.
  • Some people’s passwords are just simp;e to guess, like “password.”
  • Others use plain words that can be guessed by a hacker’s program that tries every word in the dictionary.
  • If you use the same password for every site, a hacker only has to break it once to have access to everything.

Use robust passwords:

  • A password needn't be a word at all. It can be a combination of letters, numbers and keyboard symbols. – (i.e. ` ~ ! @ # $ % ^ & * ( ) _ + – = { } | [ ] \ : ” ; ‘ < > ? , . /).
  • Use a password at least eight characters long. Longer passwords are harder to guess or break.
  • A password should not contain your username, real name, or company name.
  • Use of upper and lower case letters, numbers, and keyboard symbols make the most robust passwords.
  • Some of these punctuation marks may be difficult to enter on foreign language keyboards if you are traveling.

Avoid weak passwords here are some examples.

  • By just using no password at all.
  • Using a common dictionary word as a password is a bad idea.
  • Something that is easy to work out with a little background knowledge. For example favorite football team, birthday, spouse’s name, etc.
  • The most common password is ‘Password’ so that’s an obvious one to avoid.

Look after your passwords

  • Never disclose your passwords to anyone else.
  • Don’t enter your password when others can see what you are typing.
  • Use different passwords for different services. In particular have a unique password for banking sites.
  • A compromised password should be changed as soon as possible.
  • Don’t recycle passwords (e.g., password2, password3).
  • Don’t write passwords down. Instead, use memory tricks to remember them. For example, make a password out of the fir. st letters of each word in a memorable phrase or substitute numbers for letters (for example 5 for s, 3 for e).
  • Don’t send your password by email. No reputable firm will ask you to do this.
  • If you think that someone else knows your password, change it immediately.

Google Chrome Has a Built-In Password Generator. Here's how to use it!  by Bleeping Computer – Chrome has a surprising amount of features that are hidden or not well known that can offer a great deal of functionality for users. One of these features, is a built-in password generator that can be used to create strong passwords when creating new accounts and a password manager called Smart Lock that stores these passwords on so that you can retrieve them later.

Creating One Strong Easy to Remember Password   (For use as a Master Password)

I suggest you start using a Password Manager to store login information for all of your online sites. Using a password manager is the most important thing you can do to enhance your security online. There are some good ones to choose from LastPass, KeyPass, DashLane, 1PasswordRoboForm, and Chrome Password Manager these all are well vetted and safe to use.

Creating a master password 

However to use a password manager you still need one password to lock and unlock it. This password needs to be unique and follow all of the robust password rules. This one password should have no relation to your life, family, anniversaries, hobbies or travels in other words not guessable by someone with knowledge of your life. At the same time, this master password needs to be easy to remember and type especially on a phone keyboard.

Here is a simple online tool from LastPass to help you create a unique master password, it's their Username Generator Tool. It is intended to be used to create 8 or 10 character strings of characters to use as a username. However, I'm suggesting a different approach.

Open the Username Generator Tool:

  1. Set the Username Length to 4 or 5 characters.
  2. Check the Uppercase and Lowercase boxes.
  3. Now click the circling arrow symbol to generate a word. Repeat clicking the circle arrow till you find a pseudoword you can pronounce, make notes or it.
    Repeat this process until you have 3 or 4 nonce words.
  4. Combine these non-words using number and symbols between them and add some numbers to the beginning or end.
The goal is to end up with a 16 to 20 character random master password that you'll use to unlock LastPass or some other password manager.
Here's how I create a master password using the LastPass username generator
First created three, five letter base words (beTag, erEcs, and gleDI) then combined them with numbers and symbols to build a 17 character password add some numbers to the beginning or end (beTag8erEcs#gleDI952790) to end up with 23 character password. I toggled through many combinations in the username generator tool for each base word till a combination appealed to me. This will be used as the Master Password for logging into LastPass or whatever password manager you choose and nowhere else.

Naked Security's video on How to Pick a Proper Password?

How to Create a Strong Password (and Remember It) by How-To Geek “Be sure to use a strong password” is advice we all constantly see online. Here’s how to create a strong password — and, more importantly, how to actually remember it.

A Trick For Creating Memorable Passwords

  • The Passphrase / Diceware Method Diceware™ is a method for picking passphrases that uses dice to select words at random from a special list called the Diceware Word List. Each word in the list is preceded by a five digit number. All the digits are between one and six, allowing you to use the outcomes of five dice rolls to select one unique word from the list.
  • The complete list contains 7776 short English words.
  • You can also download the Diceware word list in PDF format.

Diceware passwords now need six random words to thwart hackers.  by Jon Brodkin – Ars Technica
Five isn't enough anymore because password cracking is frighteningly effective.

You should follow one of these methods for creating a truly random password/passphrase and have it ready before installing a WiFi router, creating your PGP or GPG key, opening a new security account (LastPass) or setting up an encrypted disk.

How to Use a Password Manager by The Verge  – If you're using the same password over and over and over again, it's about time you stop. Here's how you can start securing your accounts — it's a lot easier than you'd think. Click to play YouTube video. 

Consider a password manager:

  • LastPass is a free password manager that makes web browsing easier and more secure. It’s free to use on all your computers! Automatically synchronizes your data: access it from anywhere at any time. All of your data is encrypted locally on your PC – only YOU can unlock it. Using a Mac, Windows, or Linux? LastPass works everywhere. Authy and Google Authenticator work with LastPass.
  • AI RoboForm from Siber Systems
    Manage your passwords and information with Roboform. It will automatically fill in password information or login information to any online account or Web site. Create an identity with all of your personal information–name, address, telephone, etc. You won’t have to waste time retyping that information ever again! Stuck trying to think of a new password? It will generate secure random passwords for you. All personal information is securely stored on your computer. Cost: Free limited version; $29.99 for Pro edition












Tech News by Topic