
May 30th, 2011

How to create a secure password (the not-boring way)

You’ve probably seen applications for generating passwords. For those who have not, this is how the process actually works:

  • application for generating passwords is downloaded
  • user runs the application and presses the “generate” button
  • a string appears that looks something like this: I8kjH9s&ER1()G
  • this string is used as a password for his Mail / Facebook / Twitter / …

And now, the user has two options:

  1. he’ll forget his new password immediately
  2. to ensure that the new password is not forgotten, he’ll write it down on a sticker and put it on the computer monitor. If the user has other computer-generated passwords, he will place this “my email” sticker on top of the existing stickers.

So what’s the deal? Why am I telling you this? Because in a moment, we’re going to learn how to create secure passwords – and you’ll see that you are going to change passwords more often than you have previously. Because creating passwords can be fun.

Let’s start!
So, first lesson. Because we all love Rick Astley.

http://www.youtube.com/watch?v=CwnnSSs0kFA

Let’s take his best-known lyrics:
Never gonna give you up
Never gonna let you down
Never gonna run around and desert you

…get the first letters of all words:
NggyuNglydNgraady

…and here we have a nice password! Right, it’s a bit long…
This song was released in 1987, so:

Final result: Nggyu1987NglydNgraady

If you’re a Pulp Fiction lover:

Honey Bunny: I love you, Pumpkin.
Pumpkin: I love you, Honey Bunny.
Pumpkin: Everybody be cool, this is a robbery!

Final result: Ebc,tiar!

If you’re a hip hop fan, you’d probably like a password created from Grandmaster Flash’s The Message.

Don’t push me ’cuz I’m close to the edge
(I’m trying not to lose my head)

DpmcIctte

Year when released: 1982

Final result: 82DpmcIctte

But, don’t ever, ever do this:
- use any part of your name, username, email or “what I like” in a password
- use sequences such as “abcd” or “123456” (this is the most common password, according to some research, followed by “password”)
- set “qwerty” as your password
- use common words (or anything that can be found in a dictionary) like “monkey”, “consumer”, or “internet”
- give your password to anyone else
- send your password by email
- write and post it in a nearly public space – such as above your computer. Try to memorize the password; avoid writing it down

Maximum password security requires at least seven characters, a mix of upper and lower case, a few symbols, and a sense of humor. Whoever said security couldn’t be fun?
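
The recipe above (first letters of each word, with punctuation kept or a year added) and the rules in the “don’t” list can be checked mechanically. The Python below is an added example, not code from the original post; the function names `mnemonic` and `violations`, the short word and sequence lists, and the sample personal value `alice` are assumptions made for illustration.

```python
import string

# Constructed sample lists built from the post's "don't" items; a real check
# would load a full dictionary and a leaked-password list (assumption).
COMMON_WORDS = {"password", "monkey", "consumer", "internet"}
SEQUENCES = ("abcd", "123456", "qwerty")
KEEP = ",.!?;:"  # punctuation carried into the password, as in "Ebc,tiar!"


def mnemonic(line):
    """First letter of every word in `line`, keeping trailing punctuation."""
    out = []
    for word in line.split():
        # Skip leading quotes/brackets so "‘cuz" contributes "c" and "(I’m" gives "I".
        first = next((ch for ch in word if ch.isalnum()), "")
        out.append(first)
        stripped = word.rstrip("'\"’”)")
        if first and stripped[-1] in KEEP:
            out.append(stripped[-1])
    return "".join(out)


def violations(password, personal=()):
    """Return the post's rules that `password` breaks (empty list = none)."""
    low = password.lower()
    found = []
    if len(password) < 7:
        found.append("shorter than seven characters")
    if not (any(c.islower() for c in password) and any(c.isupper() for c in password)):
        found.append("no mix of upper and lower case")
    if not any(c in string.punctuation for c in password):
        found.append("no symbols")
    if any(seq in low for seq in SEQUENCES):
        found.append("contains a sequence")
    if any(word in low for word in COMMON_WORDS):
        found.append("contains a common word")
    if any(item and item.lower() in low for item in personal):
        found.append("contains personal data")
    return found


if __name__ == "__main__":
    rick = ["Never gonna give you up", "Never gonna let you down",
            "Never gonna run around and desert you"]
    parts = [mnemonic(line) for line in rick]
    candidates = (parts[0] + "1987" + "".join(parts[1:]),
                  mnemonic("Everybody be cool, this is a robbery!"),
                  "Monkey123456")
    for pw in candidates:
        # "alice" is a constructed stand-in for the user's own name.
        print(pw, violations(pw, personal=("alice",)))
```

Run as a script, it prints each candidate followed by the list of rules it breaks; an empty list means every rule from the post is satisfied.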

  1. hm
    May 30th, 2011 at 14:30 | #1

    reminds me, when I was working in a big corporation 10 years ago, we got 6 times a year passwords such as: “I8kjH9s&ER1()G”, and then it took you only two minutes to “crack” this password. Simply by calling someone from the office and claiming you are from the IT department and that you need the password to install the new version of the software :oDD

  2. Tech
    May 30th, 2011 at 14:55 | #2

    It took me 1min37sec to crack a big Windows 7 password last week…
    People mix security with security feeling.

  3. May 30th, 2011 at 17:32 | #3

    really great post, will try this :)

  4. Brian Vogelenzang
    May 30th, 2011 at 17:44 | #4

    I would take the song Roxanne from The Police.
    Pass : RRRRRRRRRRRRRRRRRRRRRRRRRRRRRR
    Oh yeah.

  5. May 30th, 2011 at 21:39 | #5

    Well, for a typical user, I think that password ‘Never gonna give you up’ is far more secure and better to remember than NggyuNglydNgraady.
    For the websites I prefer some salted hash from the domain converted to an ASCII string. There are some favelets javascripts for this.

  6. Aethec
    May 30th, 2011 at 22:24 | #6

    …Gentlemen, we just got Rick Roll’d by Avast Software.
    Well played.

  7. May 31st, 2011 at 06:45 | #7

    Hi Mira,

    Thanks again for your educated articles, keep go forth to share your articles…

    cheers,
    Yanto Chiang

  8. drale
    May 31st, 2011 at 11:32 | #8

    I’ve seen an article stating a three-word password takes forever longer to brute force than a random letter one of the same length

  9. Left123
    June 1st, 2011 at 18:40 | #9

    Rick’Rolld haha

  10. desislava velcheva
    June 10th, 2011 at 17:31 | #10

    THANK YOU FOR SUPER AVAST!

  11. yossarian
    June 10th, 2011 at 20:55 | #11

    “Thank you for this blog. That’s all I can say. You most definitely have made this blog into something that’s eye opening and important. You clearly know so much about the subject, you’ve covered so many bases. Great stuff from this part of the internet. Again, thank you for this blog.”
