Making strong password guide

Juggernaut

Hi folks,
Over the last year I have been doing my thesis on multi-factor authentication (i.e. passwords and proving who you are in a computer system or network), so I have a decent knowledge of what a good password is and how to make it strong.

For all officers and members in the outfit I really suggest using a password manager. I use the LastPass password manager; it is free to use, works in all browsers and has a separate program for applications.

When you register on a site or program it will generate a random password for that website and remember it for you. Next time you log in it will auto-login for you, without typing your password. All of this is done without touching a keyboard, so a keyboard logger won't work. Plus your passwords are random on every site you use.

Just make a really strong password for LastPass:

To create a strong password that is hard to crack:

Pick a sentence you can remember easily.
[ul]
[li]This could be a summary of a significant event, a description of your favorite place or the first difficult sentence you learned in a new language.[/li]
[/ul]

Combine word segments to form a new string.
[ul]
[li]Make sure the string is at least 8 characters long. Strive for 10 or more characters, though. Your password's length is probably the prime ingredient for security.[/li]
[li]Combine word endings, beginnings and other parts similar to how new words are formed out of two existing words. Make sure the resulting string is easy to remember and has nice ring and rhythm.[/li]
[li]Do not use too mechanical a process — like using every word's first character, for example.[/li]
[/ul]

Capitalize two or more characters where it makes sense.
[ul]
[li]Pick the "words" that convey your sentence's core message, for example.[/li]
[li]Do not just capitalize the first or last character.[/li]
[li]Some email systems may not pay regard to case in passwords. I'd still use the mixed-case password in these cases, except when the email service does require an all-lower-case password.[/li]
[/ul]

Introduce two or more numbers, dots, ampersands or other special characters.
[ul]
[li]Look for places where punctuation makes sense in your string, preferably somewhere in the middle.[/li]
[li]Of course, do turn numbers (in your original phrase) into digits. You can also replace "for" with "4", and look for other expressions that lend themselves to being turned into numbers easily.[/li]
[li]Some email services may not allow extra characters. Make sure you have an all-character password ready and well-established for these.[/li]
[/ul]

Include a character or two derived from the email system for which the password is used.
[ul]
[li]Make sure you can easily reproduce the characters you come up with.[/li]
[li]This creates a unique password for each email service.[/li]
[/ul]

e.g. "I have 2 dogs called Rover and Fido"

= ihave2dogscalledRoverandFido
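
The checklist from the post above, turned into a small checker. This is an added example, not part of the original post; the function and rule names are made up for illustration, and "special character" is assumed to mean ASCII punctuation.

```python
import string

MIN_LEN = 8    # "at least 8 characters long"
GOOD_LEN = 10  # "strive for 10 or more"


def check_password(pw: str) -> dict:
    """Check a candidate against the structural rules listed in the post.

    This only checks the shape of the string. It cannot tell whether the
    underlying sentence is guessable, and it does not check the
    per-service character rule, which depends on the user's own scheme.
    """
    last = len(pw) - 1
    upper_idx = [i for i, c in enumerate(pw) if c.isupper()]
    extra_idx = [i for i, c in enumerate(pw)
                 if c.isdigit() or c in string.punctuation]
    return {
        "min_length": len(pw) >= MIN_LEN,
        "preferred_length": len(pw) >= GOOD_LEN,
        # "Capitalize two or more characters"
        "two_or_more_capitals": len(upper_idx) >= 2,
        # "Do not just capitalize the first or last character"
        "capitals_not_only_at_ends": any(0 < i < last for i in upper_idx),
        # "two or more numbers, dots, ampersands or other special characters"
        "two_or_more_digits_or_specials": len(extra_idx) >= 2,
        # "preferably somewhere in the middle"
        "digit_or_special_in_middle": any(0 < i < last for i in extra_idx),
    }


def failed_rules(pw: str) -> list:
    """Names of the rules the candidate does not meet, in checklist order."""
    return [name for name, ok in check_password(pw).items() if not ok]


if __name__ == "__main__":
    # First sample is the string from the post; the others are constructed.
    for sample in ("ihave2dogscalledRoverandFido",
                   "ihave2dogs,Rover&Fido",
                   "Password"):
        print(sample, "->", failed_rules(sample) or "meets every rule")
```
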