How to Create a Strong Password. The U. S. These short, hard- to- read passwords look complicated to humans but very very simple to computers. Instead, you want long, weird strings that neither computers nor people can guess. The only problem is that Bill Burr didn’t really know much about how passwords worked back in 2003, when he wrote the manual. He certainly wasn’t a security expert.
Humans are bad at coming up with these—we all pick the same “random” words, and we’re bad at remembering actually random strings. Follow this guide to make good passwords, or better yet, let an app make and remember them for you. Make your passwords very long. Your enemy isn’t some guy in a ski mask trying to guess your password one try at a time. It’s a program that automatically runs through massive databases of common passwords or random combinations of characters. The best answer to that is a very long string of words. As the webcomic xkcd famously pointed out, a bunch of plain words is pretty good. But as many hackers use “dictionary attacks” to guess regular words, it’s best to add some capital letters, special characters, or numbers. Don’t use a common phrase. But don’t use the same bunch of plain words as everyone else. If your password consisted of the entire script of Hamlet, it would still be unsafe if everyone else had the same password. So is a famous movie line, or a Bible verse, or even an acronym of a Bible verse. As we’ve established time and again, your clever tricks aren’t protecting your password. They got all sorts of bugs and weird crashes, and didn. Sometimes humans do try to crack passwords, so don’t help them out by using your son’s birthday or the phrase printed on your favorite coffee mug. Test your password. If you use a password manager, it’ll test your password in real time, on the safety of your computer. The sites How Secure Is My Password?, How Big Is Your Password?, and How Strong Is Your Password? But they won’t warn you about common guessable phrases, like those Bible verses. Of course, typing your passwords into unfamiliar sites is a bad habit. These sites are safe, as they’re all publicly run by trusted developers who promise that your entered text never leaves your computer. Still, to be safe, just use these sites to get the gist before you make your real password. Don’t reuse your password. When your password on some web service gets hacked (and it will), you’d better hope you didn’t use the same password on three other services. Don’t use a weak password for services that “don’t matter,” because some day you might give one of those services your credit card info, or use it to authorize more important services, and you won’t think to beef up your password. Yahoo has confirmed that information from at least 5. Here’s how: Your “random” string of words will be something like “monkey dragon baseball princess,” four extremely common password words, and a computer will guess it. You’ll pick something memorable, which will limit your options, and a computer will guess it. You’ll manage to make a password a computer can’t guess, and you’ll forget it, and you’ll have to replace it with a weaker password, and a computer will guess it. You’ll pick something identifiable to anyone who follows you on Twitter or Facebook—like your dog’s name—and a human will guess it. Internet standards expert, CEO of web company i. Fusion Labs, and blogger John Pozadzides knows a. This is the only reliable but convenient way to manage the vast quantity of passwords that modern life requires. The current best in class is 1. Password. If you don’t care about the detailed differences between managers, just grab this one and follow Lifehacker’s setup guide. Using a password manager is basically internet security 1. All these apps will create and remember your passwords. And all of them tell you how secure each of your passwords are. Some even alert you when the services you use get hacked, whether or not you were personally exposed. You have a ton of options for password managers, but when it comes to your security, you want the. It focuses on local storage rather than cloud solutions, and it even lets you use a file to unlock it, so you could turn a physical thumb drive into your “password.”Cloud- based services like 1. Password and Last. Pass are more vulnerable to remote attacks. But because they heavily encrypt your data and don’t store your master password, you’re still safe even if those services are hacked—as long as your master password is too hard to crack. In fact, you’ve been meaning to set one up for. Follow all the rules above to create a strong master password, especially if you sync your data. Otherwise, if your password service ever gets hacked, the hackers will also guess your weak master password, and they will swim around in all your accounts as in a silo of Scrooge Mc. Duck money. Now if you just have to write that master password down, do it on paper, and keep it somewhere safe like your wallet. Don’t write “MASTER PASSWORD” on it. Rip it up as soon as you’ve memorized it (which will take just a day or two, thanks to the muscle memory of typing it in every time you log into anything). Don’t forget your master password, or you could be completely and utterly screwed. Using a password manager is smart security. That’s nothing new. However, the best password managers . Some of Opera’s saved passwords were partially hacked last year. Even Google accounts are vulnerable. A hacker doesn’t have to defeat Google’s security—they just have to trick you, and it’s a lot easier for hackers to pose as Google and request your login than it is for them to pretend to be your chosen password management app. If your Google account gets hacked, you’ll be in enough trouble without also worrying about all your saved passwords. Follow the rules every time. Of course, your bank, your doctor’s portal, and your library are still following the outdated security recommendations, so they’ll still force you to follow weirdly specific rules for password creation, like making you start with a letter or include one symbol. Then amend that password as minimally as possible to comply with the service’s specific rules. Do your password editing inside your password manager, so it can alert you if you’re turning a strong password into a weak one. We’ve covered how to create a memorable password if you absolutely have to. But since all our recommended password managers offer mobile apps (Kee. Pass recommends certain third- party mobile ports), you can save your password anywhere you go. There’s just no reason to make up your own password. Use two- factor authentication. While it isn’t foolproof, two- factor provides a layer of security for only a minimal loss of convenience. But not all two- factor is equally secure. Dedicated authentication apps are a lot safer than just getting a code over SMS. But both are safer than a password alone. Two- factor authentication is one of the most important ways to protect your accounts. More like insecurity questions! I’m fun at parties. Point is, the concept of security questions made some sense when they were used in 1. Google up your mother’s maiden name, where you went to high school, or your favorite ice cream flavor, then call Amazon tech support and pose as you. A few security- conscious web sites allows users to write their own security questions, and web. Security questions are for talking to humans, not computers, so you don’t have to add weird characters to your answers. Instead, you want to pick wrong and uncommon answers. What high school did you go to? Scoobert Doobert High. What’s your mother’s maiden name? This is where you can put all that clever energy that you’re not allowed to put into your passwords. But so is everything else. Fingerprints can be stolen, two- factor texts can be rerouted, keys can be copied. As tech reporter Quinn Norton put it, everything is broken, and as writer/programmer Dan Nguyen put it, everything is (even more) broken. Security technology is a race between the good guys and the bad guys, and it’s just impossible to have perfectly secure technology without sacrificing many of that technology’s benefits. Orioles Score Six Runs Before Recording Their First Out. The Rangers’ gamble on Tyson Ross—who missed all of last year with shoulder inflammation and entered this year recovering from surgery for thoracic outlet syndrome—hasn’t paid off too well as of yet. It really, really, really didn’t pay off tonight. Ross allowed six runs to the Orioles before recording his first out of the night. He gave up two singles, a walk, a double and two home runs before he finally managed to retire just one batter. Ross was put out of his misery and pulled midway through the fourth inning after leaving the bases loaded, and Chris Davis promptly hit a grand slam off reliever Austin Bibens- Dirkx with his second home run on the night. Baltimore walked away with a 1. Ross, meanwhile, boosted his ERA to 7.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
October 2017
Categories |