Revisiting password ideas, there is a lot of suggestion that passwords are dead, old fashioned, going away, or just don’t work. Soon we’ll have bio devices that take their place and are hack proof? OK, let me know when that happens! Especially if they are common-place and affordable (and actually work).
Many people have moved to the idea of pass-phrases. I’m for that! Sort of fits the original ideas. Just don’t forget the basics!
One strong suggestion in pass-phrases: have at least one non-dictionary word. Pass phrases made from a small number of dictionary words are actually slightly more prone to automated attacks than traditional passwords. Or, use our earlier ideas of mixing in a a number that triggers a sequence of special characters. And even though a pass phrase meets the longer is better requirement, you still want to be unique for each site.
Pass-phrases that are mixed case, have numbers, or special characters, are better than the ones that don’t. Arguable: leave the spaces out and use mixed case to make the password better. Example: 9AugustIsMyBirthday (which I still think is better than MyBirthdayIsAugust9 although since I’ve now published my birthday, neither is a good phrase!)
I use passwords AND pass-phrases. Ahead, pass-phrases will become my standard, I do believe, if we don’t find a trustworthy and affordable biometric solution.
- WHY good passwords matter
- Five Thoughts on Good Passwords
- Password Ideas
- Longer is Better
- Unique Passwords for Each site
- Recurring Password Changes?
- Security Questions
- Password Managers
- Passwords or Pass-Phrases?
- Password “type-ability”