There has been a lot of chat lately about stolen domains, phishing, and the like. Most people put huge passwords on their bank accounts, but that’s about it. Sadly, the weakest link in the security chain is the password to your email.
Why?
Almost all sites that require a password have a “forgot password” link which will email you instructions on how to change your password. If someone knows the password to your email, then even the most secure password out there is at risk.
How can you prevent this?
Make your email passwords secure. Make them as secure as, but not the same as, your bank account passwords, registrar accounts, work-related passwords, and so on. This does not mean making those passwords less secure; it means making your email password more secure. There are simple little tricks that anyone can do that will even trip up brute-force attempts and password-cracking scripts.
Most people want passwords they can remember, so they use birthdates, nicknames, significant others’ names, pets’ names, streets where they grew up, a school they went to, or a hobby. Someone who knows you well can usually guess these in a few tries. This is dangerous since relationships don’t always last forever, and then you’re at risk (and at risk from someone who isn’t too happy with you).
You can still use these as a password, but a few simple modifications can turn an insecure password into a very secure password.
For example, my name is Draggar. I have a dog named Fluffy and I like soccer. I was born in 1965. A few unsecured passwords for me would be “draggar65”, “fluffy”, and “soccer”. These would be easy to guess for most of my friends and family. How can you make them a little more secure? Add in a simple number. For example: “19draggar65”, “dr4gg4r” (the number 4 instead of the letter A), “f1uffy” (the number 1 instead of the letter L), and “s0ccer” (the number 0 instead of the letter O) are more secure but still not the best.
What is the best? Long and complicated. No, you don’t need 40-character passwords (you can if you want to). Throw in some non-alphanumeric characters in random places. “flu_ffy” will throw off a lot of password hacking programs. Want to go even better? Use non-standard letters (letters not commonly used in your country), for example: dræggar (an æ instead of an A), d®aggar, ƒluƒƒy (ƒ, the mathematical symbol for “function”, instead of the f’s). Still, longer is better. “D®aggar_s0ÇÇer” would be a very secure password for me. If you don’t know how to use these symbols, it is easy. Hit the ALT key then enter the 4-number combination from the keypad (do not use the numbers above the letters). For example, ALT-0241 is ñ (Spanish letter, as in señor or años). Feel free to look them up in an ASCII map, but you’ll need to put the number 0 in front of each set.
Please note that the best solution for a secure password is not something along the lines of a hobby, nickname, pet’s name, etc. The best passwords are a combination of letters, numbers, and non-alphanumeric characters that are seemingly random.
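An added example, not part of the original post: a small Python check that undoes the digit swaps, separators and accented letters described above and tests whether a password still reduces to known personal facts, which is why such variants are “still not the best”. The function names, the `max_leftover` threshold and the random sample password are assumptions made for illustration.

```python
import re
import unicodedata

# Digit-for-letter swaps named in the post: 4 for a, 1 for l, 0 for o.
SWAPS = str.maketrans({"4": "a", "1": "l", "0": "o"})

def normalize(text: str) -> str:
    """Undo the post's substitutions so variants collapse to one base string."""
    text = text.lower().translate(SWAPS)
    # Fold accented letters to their base letter (Ç -> c, ñ -> n).
    text = unicodedata.normalize("NFKD", text)
    text = "".join(ch for ch in text if not unicodedata.combining(ch))
    # Drop separators and symbols such as "_" or "®".
    return re.sub(r"[^a-z0-9]", "", text)

def personal_info_check(password: str, facts: list[str], max_leftover: int = 3):
    """Return (facts found, leftover length, flagged) for one password.

    A password is flagged when, after removing every known personal fact,
    at most max_leftover characters remain (a hypothetical threshold).
    """
    base = normalize(password)
    found = []
    # Longest facts first so a full word is matched before short fragments.
    for fact in sorted(facts, key=len, reverse=True):
        token = normalize(fact)
        if token and token in base:
            found.append(fact)
            base = base.replace(token, "")
    return found, len(base), bool(found) and len(base) <= max_leftover

# Facts and passwords taken from the post's own example; "s0ÇÇer" and the
# final random string are constructed here for contrast.
FACTS = ["Draggar", "Fluffy", "soccer", "1965", "19", "65"]
SAMPLES = ["draggar65", "19draggar65", "dr4gg4r", "f1uffy", "s0ccer",
           "flu_ffy", "s0ÇÇer", "kV7#qP2!xW9z"]

if __name__ == "__main__":
    for pw in SAMPLES:
        found, leftover, flagged = personal_info_check(pw, FACTS)
        print(f"{pw!r:16} facts={found} leftover={leftover} flagged={flagged}")
```

Every variant built from the name, pet, hobby or birth year is flagged, while the seemingly random string is not.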
Note: Some browsers may not support these characters. I do know they work with Internet Explorer and Firefox, but some applications may not support them either.
Good luck and keep those passwords secure!
Tuesday, March 11, 2008
Security - everything is only as secure as your email password
Posted by Draggar at 3/11/2008 11:35:00 AM