How Can I Make My Passwords Secure?

May 4, 2009

in privacy & security

by Gabe Goldberg

We’re all burdened by needing too many passwords to access our multitude of shopping Web sites, banking and financial tools, work computers and networks, social media resources (Facebook, Linkedin, Twitter), etc. And by the time we listen to all the elaborate, boring — but necessary though often contradictory — advice for creating passwords, it becomes too challenging. So it’s tempting to just use our street, child’s name, or ZIP Code for everything.

Bad idea! Bad guys use automatic tools to guess thousands of passwords in an eyeblink to penetrate accounts. So making passwords obscure – not using names or dictionary-findable words — is essential for security. For starters, do things like avoiding real words, transposing letters, using odd characters (numbers, punctuation), and spelling words backward.

Microsoft offers two valuable password-related resources. First, a Web page advises techniques on creating and using strong passwords. Another page interactively tests password strength, rating them weak, medium, strong, or best.

Secure password

Secure password

The problem, of course, is that “best” passwords can require 14 characters, combining upper and lower case letters, numbers, and a symbol or two. For example, z24x680uBS4!44 is strong enough for Microsoft to call it “best.” But horrors like that are impossible to remember (especially when some companies and Web sites force frequent password changes), leading to writing them down or storing them in easily compromised computer files.

So a better technique is combining memorability with obscurity – for example, using easily remembered words but replacing letters with numbers or dropping vowels.

Gabe Goldberg (, a lifelong computer pro and technology communicator, has written three books and hundreds of articles for audiences including techies, baby boomers and senior citizens. He enjoys sharing tips and pointers that help people use and have fun with technology.