Take a moment to examine your passwords

How does it work?

Using a password, you are saying: "this is me for real, and I prove it by knowing the password." But if someone else finds out your password, they can claim the same thing, and the other party (for example, an information system or app) will believe it.

An attacker has several options to find out your password. For example, he can try thousands of passwords per minute using a computer. Another way is to guess the password based on the knowledge he manages to get about you. However, more important than knowing the types of attacks is to remember that if you are not responsible for your passwords, you are making it very easy for an attacker to do so.

Creating passwords

A good password is strong and easy to remember. A longer password with no special characters is better than a short password with special characters in predictable spaces. By following the instructions mentioned below, you will create passwords that are currently practically unbreachable and, at the same time, easy to remember. Instructions are as follows:

• Choose two to four random words (depending on the number of characters).
• You can add some other characters, such as numbers or punctuation marks. The special character is space as well.
• You can choose a specific phrase, a part of a song, a quote, or a combination. Just be careful that it is not something that is characteristic of you and, therefore, easy to guess.

Examples of strong passwords:

• Thesteelsquirreldoesn'tjump.
• Taillessporcupine.
• Examperiodsweetjoy
• Pinkpasswordsdonotdance!
• Doescoffeewearheels?

Breaching such passwords through a brute force attack (automated computer password guessing) would take several million years. For comparison, a "typical" X58zgTcv-style password! It would take approximately four weeks to crack, and it is not even easy to remember.

Handling passwords responsibly

After creating a secure password, your goal is to ensure that no one ever discovers it. Remember, a password is like a toothbrush - choose the best one, don't share it with anyone, and change it occasionally. In more detail, the basic rules of handling passwords responsibly include:

• Use a password manager – a program that remembers all your passwords, so you don’t have to. According to the instructions above, you create one strong master password, and the program takes care of the rest. You can find many up-to-date reviews on the Internet.
• Don’t write them anywhere. Amongst the greatest sins belongs passwords stuck on the PC screen! If you have a password manager, all the passwords are stored in it and accessible from anywhere and at any time.
• Don’t repeat passwords. At least not for the most important accounts. In the case of the password manager, it will take care of their strength and uniqueness.
• Never share passwords with anyone. Not even a partner! No exceptions. Period.
• Beware of shared accounts and other people's computers. Especially for the most important accounts (e-banking, sensitive information, etc.), never use the "remember password" function and use the so-called anonymous window for logging in.
• Use two-factor authentication, at least for the most important accounts. This means that in addition to the password, you use a second method for your verification. It is usually a code that comes to your mobile phone.
• Change passwords. You can associate changing passwords with a specific time of year. According to the latest recommendations, changing passwords is necessary when you suspect they have been leaked.

Right now, find at least three accounts whose misuse would pose the highest risk to you. Then assess whether you treat its passwords responsibly enough. If necessary, make the changes. It will take you only a moment.