Time to Pump Up Your Password
Posted on: August 17, 2012

Managing your online life is becoming more complicated every day. Every site we visit requires a login and password, and it's increasingly difficult to find ways to create new, unique and yet secure (or strong) passwords that can be memorized easily.

You may have recently read about popular websites, email, banking and other online service accounts being compromised, so this is a good time to review what constitutes a STRONG password and easy ways you can memorize them so that your online accounts remain secure.

There are a number of common techniques used to crack passwords, and plenty of ways we make accounts vulnerable by choosing simple, widely used and even well-known passwords.

Here are some of the most common ways hackers obtain passwords:

Dictionary attacks: Avoid consecutive keyboard combinations, such as qwerty or asdfg. Don’t use dictionary words, slang terms, common misspellings, or words spelled backward. These cracks rely on software that automatically plugs common words into password fields.

Cracking security questions: Many people use first names as passwords, usually the names of spouses, kids, other relatives, or pets, all of which can be deduced with a little research. When you click the “forgot password” link within a webmail service or other site, you’re asked to answer a question or series of questions. The answers can often be found on your social media profile. This is how Sarah Palin’s Yahoo account was hacked.

Simple passwords: Don’t use personal information such as your name, age, birth date, child’s name, pet’s name, or favorite color/song, etc. When 32 million passwords were exposed in a breach last year, almost 1% of victims were using “123456.” The next most popular password was “12345.” Other common choices are “111111,” “princess,” “qwerty,” and “abc123.”

Reuse of passwords across multiple sites: Reusing passwords for email, banking, and social media accounts can lead to identity theft. Two recent breaches revealed a password reuse rate of 31% among victims.

Social engineering: Social engineering is an elaborate type of lying. An alternative to traditional hacking, it is the act of manipulating others into performing certain actions or divulging confidential information.

Brute Force Cracking: This type of hacker uses his computer to try every possible password combination until he succeeds. This can take considerable time, but that time is greatly reduced when you use weak or commonly used passwords.

The Basics:

While you can’t prevent hackers from trying to obtain your password, you can certainly make it difficult for them to obtain it through traditional means.  When creating your password there are a couple of rules that you should follow…

  1. Password Length: Passwords should be at least 8 characters in length. The more characters in your password the better. Consider going with at least 10 characters, as every character added increases the effort a would-be cracker must use to break your password.
  2. Password Complexity: Each password should contain at least one character from each of the following character categories:
    1. Lower case letters
    2. Upper case letters
    3. Numbers
    4. Special Characters (like – !@#$%^&*())

Some examples of strong passwords might be:

  • 586Ym87=        (Remember it by: 5 8 6 YANKEE mike 8 7 = )
  • 81jO3k2v*5        (Remember it by: 8 1 juliet OSCAR 3 kilo 2 victor * 5 )
  • TmT8,+8;P"P        (Remember it by: TANGO mike TANGO 8 , + 8 ; PAPA " PAPA )

Following these guidelines will make your password much stronger and extremely difficult for a would-be cracker.  If your current banking or any personally/financially sensitive passwords don’t match the guidelines above, you should consider changing them immediately.

Tips for avoiding weak passwords:

Avoid the following items when creating your passwords.

  1. Any password that is the same as your username or part of your username
  2. Names of family members, friends or pets, no matter how unusual or complicated
  3. Personal information about yourself or family members, including generic information that can be obtained about you very easily, such as birth date, phone number, license plate number, street name etc.
  4. Sequences or consecutive letters, numbers or keys on the keyboard.  For example: abcdef12345, qwert, etc.
  5. Words found in the dictionary with a number or character in front or back
  6. Words found in the dictionary with a look-alike number substituted for a letter. For example: replacing the letter O with the number 0 in a word like passw0rd
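
The length and complexity rules from "The Basics" and the avoid list above can be checked mechanically. The following is an added example, not part of the original article: the word list, the keyboard rows, the look-alike table and the function names are assumptions chosen for illustration, and a real check would load a much larger word list.

```python
import re

# Constructed sample data: a real check would load a large word list.
COMMON_WORDS = {"password", "princess", "qwerty", "dragon", "monkey"}
SEQUENCES = ["abcdefghijklmnopqrstuvwxyz", "0123456789",
             "qwertyuiop", "asdfghjkl", "zxcvbnm"]
# Look-alike substitutions to undo (e.g. 0 -> o, @ -> a).
LEET = str.maketrans("0134578@$!", "oleastbasi")
CLASSES = {"lower case letter": r"[a-z]", "upper case letter": r"[A-Z]",
           "number": r"[0-9]", "special character": r"[^A-Za-z0-9]"}

def has_sequence(pw, run=4):
    """True if pw contains `run` consecutive keys, forward or backward."""
    low = pw.lower()
    for seq in SEQUENCES:
        for s in (seq, seq[::-1]):
            if any(s[i:i + run] in low for i in range(len(s) - run + 1)):
                return True
    return False

def is_disguised_word(pw):
    """True if pw is a listed word after undoing look-alike substitutions,
    trimming characters added to the front or back, or reversing it."""
    low = pw.lower()
    trimmed = re.sub(r"^[^a-z]+|[^a-z]+$", "", low)
    for cand in (low.translate(LEET), trimmed.translate(LEET)):
        if cand in COMMON_WORDS or cand[::-1] in COMMON_WORDS:
            return True
    return False

def check_password(pw, username=""):
    """Return the rules from the article that pw breaks (empty = passes)."""
    problems = []
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    for name, pattern in CLASSES.items():
        if not re.search(pattern, pw):
            problems.append("missing " + name)
    user, low = username.lower(), pw.lower()
    if user and (user in low or low in user):
        problems.append("matches or contains username")
    if has_sequence(pw):
        problems.append("keyboard or alphabet sequence")
    if is_disguised_word(pw):
        problems.append("dictionary word in disguise")
    return problems

if __name__ == "__main__":
    for pw in ("586Ym87=", "passw0rd", "Qwerty123!"):
        print(pw, "->", check_password(pw) or "passes")
```

Note that "Qwerty123!" satisfies the length and character-category rules and is still rejected, which is why the avoid list matters in addition to the basics.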

Password Common Sense:

  1. Always create a unique password for every site where you are registered
  2. Change your passwords at regular intervals not exceeding every 6 months
  3. Never write down your passwords
  4. Don’t share your passwords with anyone
  5. Never use the same password for multiple sites
  6. Never send your password to others via email
  7. Change your passwords immediately if you receive notice of possible compromise
  8. Never use the “Remember Password” feature built into most browsers
  9. Don’t log in to personal sites on a computer that does not belong to you
  10. Never type your password when someone is looking over your shoulder
  11. Avoid logging into personal sites while using public wifi locations

So, what is your new password? Don’t tell us. Just go and create one.

Gary Doda (BHNtechXpert)

(1) Reader Comment
  1. Gary,

    Very informative and scary. Those of us who are not tech savvy need to take heed.
    Thanks for the wake up call.
