Security: How To Create A Strong Facebook Password

It’s almost funny if it weren’t so sad that many people still use their birthdays and sometimes names of favorite family members as their Facebook password. A good password is one that is impossible to guess. Many people know this already, but only a few truly understand the importance of creating a strong, impossible-to-guess password.

So why do you need a strong password?

Your password is what you need in order to prove to the computer that you are who you say you are. It functions like a normal house key, except that instead of carrying it around in your pocket or your wallet, you carry it around in your head.

Like a regular house key, passwords can be stolen. Someone using your password will pretend to be you in order to gain access to your account, files, or any other important information you store in your computer or database.

The computer has no way of knowing if it is really you or someone pretending to be you, the same way that your door has no way of knowing if it is you holding that key inserted into the keyhole.

For these reasons, it is important to safeguard a password, and one of the most reliable ways of safeguarding your password is to create one that is difficult to crack. So you will create highly complicated passwords – unfathomable letter combinations and numbers and symbols and upper case letters and lower case letters and whatever else you can add into the whole mix.

However, the main trouble about password security is that people will have to remember them in order to gain access to the network, whether it is a home computer network or an office network.

Now, if you were using a literal cocktail of letters, symbols, and numbers as a password, you would have to have exceptionally high capacity for remembering codes. The problem is not all people have brains that function like that.

In fact, most people are better at remembering words that actually make sense than a splatter of alphanumerics with who-knows-what meaning. As such, people naturally prefer the former when choosing or creating passwords.

Unfortunately, hackers are very, very smart. If, given enough computing power, time, and encrypted data, these hackers can compromise even the most complex cryptographic system, how much more a password that is easy to crack? It is like stealing candy from a baby, to borrow a line.

The purpose therefore of creating strong passwords is to make it as difficult as possible for the hacker to figure out, even if he had all the time in the world to crack it.

However, taking into account our admittedly human tendency to remember things in context, your password should also be one that you can relatively recall fairly easily – that is, they should not be completely alien to the brain, like all numeric codes, to make them easier to remember and store in our memory banks.

In fact, experts in network security highly encourage that you use a combination of numeric codes and letters of the alphabet as this will increase the number of odds and make it more difficult for the hacker to figure out the right combination.

Passwords to Avoid

Okay, you have to admit that there are only so many words that people use and so many numbers that it is difficult to come up with something totally original to make use of as a password.

More often than not, people will use the same password for all their accounts without even knowing that some other person in some other state or country is also using the same password because they thought it was unique.

Moreover, hackers use cracking devices specifically for the purpose of figuring out people’s passwords. These devices will run a list of all possible letter and number combinations and then all the hacker has to do is to try out each one until he gets the right one.

It seems like a tedious job, but cracking devices are actually very sophisticated software that can eliminate all the other odds in order to get the hacker closer to figuring out the right password. They have resources and a deep understanding of how people think (at least, when it comes to what passwords the average Joe would likely pick up) to make the whole task simple.

Now, couple that with all the wonderful technology at their disposal, and you are practically at their mercy, unless you take steps in avoiding the following weak passwords:

* Words in the dictionary, including any dictionary in any language or technical application (e.g. engineering dictionary)

* Your username or your real name

* Your spouse’s name or the name of any person you know, including family members

(This is because password crackers can easily get a list of 10,000 names or more and then run them through your system to see if one works)

* Words found in the “cracking dictionary”

(Yes, password crackers do keep a list of words that a lot of people use. This includes abbreviations; cartoons; character patterns; asteroids; famous names; Bible; movies; god, myths and legends; Password (the word itself); female names; male names; machine names; science fiction; songs; sports; number patterns; surnames; places; short phrases; Shakespeare; etc.

* Any common words with a single character before or after it (e.g. 1happy, Paris8)

* Any common words, capitalized (e.g., Soccer)

* Any common words, reversed (e.g., soccer à reccos), doubled (e.g., soccer à soccersoccer), or mirrored (e.g., soccer à soccerreccos)

* There was a time when it was a good idea to take a word and substitute some of the characters.

For instance, instead of using the word “password,” you can make it into this alphanumeric combination: P@$$w0rd. This is actually a good password, as far as the rules of creating good passwords are concerned. However, there are actually some cracking devices today that are designed to crack even those kinds of passwords, so you probably should not take this route anymore.

Now that you know what passwords to avoid, time for you to learn what makes a good password.

Creating a Strong Password

One of the first things to remember when creating strong passwords is the balance between coming up with a password that is complex enough to give crackers a hard time, yet easy enough for the user to recall. This shouldn’t be too difficult if you take note of the following tips:

The Six-Character Rule

A strong password should be one that is composed of six characters or more. This will make it difficult for a hacker to crack with a brute-force attack.

You can use as many characters as you like so long as you meet the minimum of six characters. However, note that there are some systems that establish a maximum number of characters. For instance, the UNIX system has a maximum of eight characters.

Upper and Lower Case Combination

This was mentioned earlier. Passwords are made case-sensitive for a reason, and that is reason is to increase the security level of gaining access to your account. But in addition to upper and lower case combinations, strong passwords should also incorporate punctuation marks and numbers.

Now, one common mistake people make when it comes to passwords like this is they write it down to help them remember.

While these passwords are admittedly hard to recall, DO NOT make the mistake of writing them down anywhere or keeping a record of them anywhere in your system.

The License Plate Rule

This rule is simple. Just take a word or a phrase and then squeeze it into six or eight characters the way you would with a vanity license plate.

Small Words and Punctuation Marks

The good thing about passwords like these is that they are easy to come up with and easy to remember. Let’s take the word “coffee” for instance. Take that word and insert punctuation marks in there somewhere to mess up the crackers – i.e. “co%ff*ee”

Use Control Characters

This can be a good choice. However, note that there are some that bear special meanings. For instance, characters like ^U, ^H, or ^D might prevent you from logging in again.

Use Uncommon Phrase

Remember this rule: short phrases are a no-no. But uncommon phrases tweaked just so are okay. More than okay, in fact.

For example, let’s take a Latin legal phrase: “Dura lex sed lex”, which means “the law may be hard but it is the law.”

Now, take the last letters of each word to get this combination: “axdx.”

Finally, throw in a capital letter, punctuation marks, and numbers and you can come up with a hard-to-crack password like this: “Ax%d3x*”

Misspelling Rule

Deliberately misspelling words is highly encouraged. This will make your password harder to crack.

Random Gambit

And last but not least, try to come up with a password that is totally random to anyone else but not to you.

We can’t tell you how to come up with these because then if we ourselves can figure it out, then it’s probably not that random. So only you can really come up with random passwords that are difficult to crack. Just think hard and…USE YOUR IMAGINATION.

And once you have come up with a good, strong password using the above-given tips, the next important step is to continuously update your password. Six months is the maximum length of time you should keep using a password. Experts agree that this is the optimum period with which a password will remain secure and uncompromised. It will also take this long for a typical cracking device to crack your strong password.

If you have difficulties remembering the passwords you have created, consider using the free or upgraded version of RoboForm – the most respected and encrypted password saver available on the market.


Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!