
Selecting and maintaining secure passwords

In general, when you want to protect something, you lock it up with a key. Houses, cars and bicycle locks all have physical keys; protected files have encryption keys; bank cards have PIN numbers; and email accounts have passwords. All of these keys, physical and electronic, have one thing in common: they open their respective locks just as effectively in the hands of somebody else. You can install advanced firewalls, secure email accounts, and encrypted disks, but if your password is weak, or if you allow it to fall into the wrong hands, they will not do you much good.

Elements of a strong password

A password should be difficult for a computer program to guess.

    * Make it long: The longer a password is, the less likely it is that a computer program would be able to guess it in a reasonable amount of time. You should try to create passwords that include ten or more characters. Some people use passwords that contain more than one word, with or without spaces between them, which are often called passphrases. This is a great idea, as long as the program or service you are using allows you to choose long enough passwords.
    * Make it complex: In addition to length, the complexity of a password also helps prevent automatic 'password cracking' software from guessing the right combination of characters. Where possible, you should always include upper case letters, lower case letters, numbers and symbols, such as punctuation marks, in your password.
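
To show how length and character variety combine, the Python example below (added here, not part of the original article) computes the brute-force search space for a password from the four character classes named above. The guess rate and the sample passwords are assumptions made up for illustration, and the result is an upper bound that only holds for randomly chosen characters; dictionary words and personal details fall far sooner.

```python
import math
import string

# Assumed attacker speed in guesses per second (constructed figure, not from the article).
ASSUMED_GUESSES_PER_SECOND = 1e10

# The character classes the article names: lower case, upper case, numbers, symbols.
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "symbol": string.punctuation + " ",
}

def alphabet_size(password):
    """Size of the smallest class-based alphabet that covers the password."""
    size = 0
    for chars in CLASSES.values():
        if any(c in chars for c in password):
            size += len(chars)
    # Characters outside all four classes (e.g. accented letters) count once each.
    size += len({c for c in password
                 if not any(c in chars for chars in CLASSES.values())})
    return size

def search_space_bits(password):
    """Upper bound on brute-force work in bits: length * log2(alphabet size)."""
    n = alphabet_size(password)
    return len(password) * math.log2(n) if n else 0.0

def years_to_exhaust(password, rate=ASSUMED_GUESSES_PER_SECOND):
    """Years needed to try every candidate of this length and alphabet at `rate`."""
    seconds = 2 ** search_space_bits(password) / rate
    return seconds / (365 * 24 * 3600)

if __name__ == "__main__":
    # Constructed sample passwords: short word, mixed classes, multi-word passphrase.
    for pw in ["sunshine", "Sunsh1ne!", "correct horse battery"]:
        print(f"{pw!r:26} alphabet={alphabet_size(pw):3} "
              f"bits={search_space_bits(pw):6.1f} "
              f"years={years_to_exhaust(pw):.3g}")
```
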

A password should be difficult for others to figure out.

    * Make it practical: If you have to write your password down because you can't remember it, you may end up facing a whole new category of threats that could leave you vulnerable to anybody with a clear view of your desk or temporary access to your home, your wallet, or even the trash bin outside your office. If you are unable to think of a password that is long and complex but still memorable, the Remembering secure passwords section, below, might be of some help. If not, you should still choose something secure, but you may need to record it using a secure password database such as KeePassX. Other types of password-protected files, including Microsoft Word documents, should not be trusted for this purpose, as many of them can be broken in seconds using tools that are available on the Internet.
    * Don't make it personal: Your password should not be related to you personally. Don't choose a word or phrase based on information such as your name, social security number, telephone number, child's name, pet's name, birth date, or anything else that a person could learn by doing a little research about you.
    * Keep it secret: Do not share your password with anyone unless it is absolutely necessary. And, if you must share a password with a friend, family member or colleague, you should change it to a temporary password first, share that one, then change it back when they are done using it. Often, there are alternatives to sharing a password, such as creating a separate account for each individual who needs access. Keeping your password secret also means paying attention to who might be reading over your shoulder while you type it or look it up in a secure password database.

A password should be chosen so as to minimise damage if someone does learn it.

    * Make it unique: Avoid using the same password for more than one account. Otherwise, anyone who learns that password will gain access to even more of your sensitive information. This is particularly true because some services make it relatively easy to crack a password. If you use the same password for your Windows user account and your Gmail account, for example, someone with physical access to your computer can crack the former and use what they learn to access the latter. For similar reasons, it is a bad idea to rotate passwords by swapping them around between different accounts.
    * Keep it fresh: Change your password on a regular basis, preferably at least once every three months. Some people get quite attached to a particular password and never change it. This is a bad idea. The longer you keep one password, the more opportunity others have to figure it out. Also, if someone is able to use your stolen password to access your information and services without you knowing about it, they will continue to do so until you change the password.