Here's a Guide on How to Choose The Strongest Password, According to Science
Creating strong passwords
Our research has led us to develop some specific recommendations for choosing passwords that provide good protection for online accounts and the data they contain. A crucial aid in this process is to use a password manager to generate long, random passwords – and remember them for you.
If you're making your own passwords:
- Make your password at least 12 characters, and mix it up with at least two or three different types of characters (lowercase letters, uppercase letters, digits and symbols), put in unpredictable places. Don't put your capital letters at the beginning or your digits or symbols at the end.
- Avoid including names of people or pets, places you have lived, sports teams, stuff you like or birth dates. Avoid common phrases (especially anything related to "love" in any language) and song lyrics. Don't use patterns ("abc," "123"), including patterns on the keyboard ("1qazxsw2").
- One way to make a strong password is to create a sentence that no one's ever said before and use the first letter or two of each word as your password, mixing in other types of characters.
It may be tempting to reuse your existing passwords, but don't do it for any accounts you care about. It is better to write your passwords down in a secure place if you have more passwords than you can remember, or better yet, use a password manager.
You can also protect your account without making your password more complicated by using two-factor authentication when it is offered – it's easier than most people think.
Passwords are an annoying part of online life, but they aren't going away soon. While the password policies of the past decade have caused more user pain than security gain, our research is helping find ways to create passwords that actually work for regular people while keeping us more secure.
Lorrie Cranor, Professor of Computer Science and of Engineering & Public Policy, Carnegie Mellon University; Blase Ur, Assistant Professor of Computer Science, University of Chicago; Lujo Bauer, Associate Professor of Electrical and Computer Engineering and Computer Science, Carnegie Mellon University; Michelle Mazurek, Assistant Professor of Computer Science, University of Maryland, and Nicolas Christin, Associate Research Professor of Computer Science, Carnegie Mellon University.
This article was originally published by The Conversation. Read the original article.
Comments
Post a Comment