
Write your own secure passwords

Would you leave your car door open, with the keys in the ignition, in a high crime area? If your password is easy to guess it’s much easier for a thief to steal your information (personal, financial and more) than steal your car.

What do you mean by "easy-to-guess password"?

Obvious, easy-to-guess passwords include your domain name, your company name, your own name, or any short word (fewer than six characters; we recommend eight characters). Even if the system blocks a thief after three attempts, would they have guessed your password?

And if you're famous you may need to take extra care. A hacker gained entry to Paris Hilton's account because one of the security questions was "What is your favorite pet's name?" If you didn't know the answer, Google does.

Why bother? Nobody wants to get into my files.

Really? What commercially sensitive information do you have on your computer? Do you have any personal information in your email messages? Do you have any credit card or bank account numbers that could be exploited? What would happen if a spammer put ads for Viagra on your website?

We often see emails from people who have had their email account hacked – imagine if someone sent an email, from your email account, advertising porn websites. How would you react – how would your friends, family, clients and colleagues react?

We also see robots (automated computer programmes) constantly hitting servers, entering easy-to-guess passwords, trying to guess their way into administration accounts – a robot doesn’t care if it guesses all night. Can it guess your password?

OK, I get the message, what do I do?

How to make secure passwords

The easiest technique I’ve come across is a password sentence. By using the first letter of every word in an easy-to-remember sentence, you can easily recall a complicated password and adapt it to different applications.

1. The first step is to make a sentence that’s easy for you to remember, like:

my Hotmail password sentence is easy to remember

2. We can then swap words for numbers; in this case we swap “to” for the number 2:

my Hotmail password sentence is easy 2 remember

3. The next step is to take the first letter of each word to make a password:

my Hotmail password sentence is easy 2 remember

Notice the letter H, for Hotmail, is capitalised. This means you can easily swap out that letter to make each of your passwords unique. Most people only have a few passwords, which means that if an identity thief gets one password they can guess their way into the rest of your email accounts, video accounts, bank accounts - anything. So, by changing one or more letters every time you create a new password, you increase your security and it’s still easy to remember.

4. When we run the letters together we get an unrecognizable jumble of letters and numbers:

mHpsie2r

5. Extra for experts ...

If you want to go one step further you can add punctuation and change the “i” to an “!”. This increases the password strength significantly, though some websites will not accept anything other than letters or numbers, so you may end up with multiple variations – which is great if you can remember them.

mHps!e2r
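The five steps above, written out as an added example (this is not the author's code). The `SITE` placeholder word, the function names and the sample site list are assumptions made for illustration; the second function reports accounts that would end up with the same password because their names start with the same letter.

```python
# Added example: the article's password-sentence steps as code (names are hypothetical).
NUMBER_WORDS = {"to": "2"}   # step 2: the one word-for-number swap the article uses
MIN_LENGTH = 8               # the article's recommended length
SENTENCE = "my SITE password sentence is easy to remember"  # SITE marks the swappable word


def sentence_password(sentence, site, punctuation=False):
    """Steps 1-5: first letter of each word, number swaps, per-site capital."""
    chars = []
    for word in sentence.split():
        if word == "SITE":
            chars.append(site[0].upper())          # capital letter swapped per account
        elif word.lower() in NUMBER_WORDS:
            chars.append(NUMBER_WORDS[word.lower()])
        else:
            chars.append(word[0].lower())
    password = "".join(chars)
    if punctuation:
        password = password.replace("i", "!", 1)   # step 5: first "i" becomes "!"
    if len(password) < MIN_LENGTH:
        raise ValueError("sentence too short: %d characters" % len(password))
    return password


def collisions(sentence, sites):
    """Return {password: [sites]} for accounts that would share one password."""
    by_password = {}
    for site in sites:
        by_password.setdefault(sentence_password(sentence, site), []).append(site)
    return {pw: names for pw, names in by_password.items() if len(names) > 1}


if __name__ == "__main__":
    print(sentence_password(SENTENCE, "Hotmail"))                    # steps 1-4
    print(sentence_password(SENTENCE, "Hotmail", punctuation=True))  # step 5
    # Constructed site list: two names share a first letter.
    print(collisions(SENTENCE, ["Hotmail", "Gmail", "Google"]))
```

Where two accounts collide, change more than one letter for them, as the text above allows.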

Now, every time you log into an account that still has an old easy-to-guess password, simply change the password to one from your new system; or go and change them all now if you are even slightly concerned about the security of your accounts.

Mike Eastwood

P.S. Do all your EFTPOS cards have the same PIN number too? So if a thief sees you enter your PIN they can access all your accounts? Yes, unique passwords and PIN numbers are important for everything.
