Bill Burr wrote the manual on how to create a secure password for your internet-based accounts. It said that your password should be a collection of numbers and characters and you need to change in every 90 days. But now, 15 years later, Burr has told the Wall Street Journal that he was wrong. There is a better way for the password.
Those passwords with random numbers, uppercase letters or special characters are pretty easy for a computer programme or hacker to crack, even if they are tough for us to remember.
Research has shown that, in fact, these passwords can be cracked by a computer in as little as two or three days. Changing your password regularly can also make you likely to choose easier ones because you are constantly having to remember something new.
How to create a secure password today
The good news is that there is an alternative and it is probably easier for humans.
Instead of using a standard one-word password with a range of characters use a longer password or better still, create a passphrase. This is a string of words with or without spaces in-between. Research shows that a password like this can take around 550 years to guess.
Some tips for creating a good password or passphrase
If you are planning to reset your passwords for your WordPress login or other accounts now, here are some tips…
- Use at least four words in your passphrase or make your password 8-10 characters at the very least.
- Use a random selection of words. But make it memorable – think of something you could picture in your add.
- Think about adding some capitals or symbols or shortening one word to make it even harder to guess
- Pick a phrase that is common, such as a well-known book quote or song lyric
- Use anything too personal that someone could guess from your online profiles
- Use repeated patterns or sequential numbers or letters
- Write your passwords down
If you have multiple online accounts, you should still have a separate password for each one. If you have trouble remembering many passwords, then think about using a password manager to secure your accounts for you. And if you are entering passwords or passphrases online make sure the site you are using is secure.