No one wants to be the person whose accounts are hacked, and we’ve all seen plenty of examples of the emotional and financial damage that can do. We also all know that strong passwords for your accounts – myNEU, Gmail, Twitter, Steam, Hulu, or any of the hundreds of other services and systems you use – are the easiest way for you personally to make it as hard as possible for hackers to succeed.
But advice for creating strong passwords changes often and usually contradicts what you were told before. When you try to follow the rules, you probably find that the passwords you end up with are so complex that you can never remember them. So you write them down. Or use the same password for everything. Hopefully you don’t use one of the passwords on this annual, horrible list (due to be updated this month).
This is not good. There is an easy way to make it better.
Given the computing power and tools available to hackers now, experts have come to realize that longer passwords are better, but the best passwords introduce complexity in the same way as CAPTCHA images do – by being something that a human brain can understand, but that confuses a computer.
Even if you’ve seen this XKCD comic before, it’s still a good demonstration of the idea:
The Northeastern Office of Information Security has several good posts up at SecureNU on why strong passwords are important, and how to create a strong password following the guideline of “easy to remember, hard to guess.”
The important thing to remember is that the old line is true – security starts with you. Since your security starts with your passwords, make sure they’re strong ones that you and your capacity for nonsense can remember (Cathas12greentoes! – do not actually use), but that will stump a logical computer.