Imperva, a security company, has made some suggestions to NASA about passwords to they can protect their secrets about alien space invaders.
Here's what they recommend:
- It should contain at least eight characters
- It should contain a mix of four different types of characters - upper case letters, lower case letters, numbers, and special characters such as !@#$%^&*,;"
- If there is only one letter or special character, it should not be either the first or last character in the password.
- It should not be a name, a slang word, or any word in the dictionary. It should not include any part of your name or your e-mail address.
Following that advice, of course, means you'll create a password that will be impossible, unless you try a trick credited to security guru Bruce Schneir: Turn a sentence into a password.
For example, "Now I lay me down to sleep" might become nilmDOWN2s, a 10-character password that won't be found in any dictionary.
Can't remember that password? Schneir says it's OK to write it down and put it in your wallet, or better yet keep a hint in your wallet. Just don't also include a list of the sites and services that password works with. Try to use a different password on every service, but if you can't do that, at least develop a set of passwords that you use at different sites.
Last year, Imperva looked at 32 million passwords stolen from RockYou, a hacked website, and released its own Top 10 "worst" list:
1. 1234562. 123453. 1234567894. Password5. iloveyou6. princess7. rockyou8. 12345679. 1234567810. abc123
Tech company Splashdata also compiled a list of the worst:
1. password2. 1234563.123456784. qwerty5. abc1236. monkey7. 12345678. letmein9. trustno110. dragon11. baseball12. 11111113. iloveyou14. master15. sunshine16. ashley17. bailey18. passw0rd19. shadow20. 12312321. 65432122. superman23. qazwsx24. michael25. football
My recommendation, on advice from the Gumbo Blog High Tech Security Division, is that you create one giant password out of those lists. This will also help you develop your memory.
