The password is the oldest way to identify someone in information technology, with its first use at MIT in 1961. A lot has changed since then, but the basic concept of a password has remained. Password theft happened almost immediately, as researchers helped themselves to more than their allotted portion of computing time. Today’s password thieves have much more nefarious goals. With the stakes higher, we need to get with the times and rethink how we use passwords.
Remembering one strong password is not a problem, and two is manageable as well. Unfortunately, users have dozens of passwords, from social media accounts to online banking. This has led many to fall into some unsafe habits, such as reusing passwords or choosing weak passwords. A password can be weak if it is too short, like “dog1”, uses patterns like “a1b2c3”, or contains discoverable personal information like the name of your dog, “Boomer”. Reusing a good password wouldn’t be so bad, until inevitably a service you use has a breach. At that point, the security of all your accounts may have been compromised. Thankfully, there are some good habits that can modernize your password practices.
The smart way to make strong passwords and keep track of all of them is a password manager. A good password manager provides you a safe place to store your passwords, will generate complex passwords for you, and will allow you to easily use a unique password for all of your services. You will only have to remember one password, so you can make it a very strong one. Having one strong password you use for one service is better than dozens of weak passwords for dozens of services.
The best way to reduce the risk of a stolen password is 2-step verification. With a password, you prove you are you by something you know. With 2-step verification, you also prove it with something you have, generally your phone. It is rare that someone would have both, and thus a stolen password doesn’t have to mean stolen data. More and more services offer 2-step verification, and at a minimum you should enable it for your email accounts and password manager.
Guides for enabling 2-step verification and password manager recommendations can be found at security.harvard.edu. These two habits are the best way to upgrade the way you use passwords. Retro music and clothing from the 60’s might make a comeback, but let’s keep retro passwords a thing of the past.
How to Make a Strong Password
Method 1: Convert a long phrase to a string of characters.
Choose a personal phrase and reduce it to the first letters of each word, working in some numbers, capitalization, and punctuation.
Mccic:Iiig,web? -> Mint chocolate chip ice cream: If it isn't green, why even bother?
Method 2: Choose four random words.
Use a large dictionary or a random word generator to select your words. Misspelling a word or peppering punctuation and numbers can help.
rubbishConsiderGREEENSwim3
How to Make a Weak Password
Four digit years
19XX, 20XX, other anniversaries or famous years like 1776 or 1066
The word "password"
pass, password, p@$$word or any variant
Sports references
footballfan, hockey, gosox
Names
Pets, spouses, children, grandchildren, celebrities
Personal information
Your name, email address, phone number, or social security number
Keyboard patterns or sequential numbers
qwerty, asdf, 123456
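The weak-password categories above can be turned into an automated check, for example at account sign-up. The following is an added example, not part of the original article; the 12-character minimum, the sample word lists, and the character-substitution table are assumptions chosen for illustration.

```python
import re

# Constructed sample lists (assumptions); a real check would use larger dictionaries.
SPORTS = ("football", "hockey", "gosox")
KEYBOARD_RUNS = ("qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890",
                 "abcdefghijklmnopqrstuvwxyz")
# Undo common character swaps so that p@$$word is read as password.
LEET = str.maketrans("@$0!13", "asoile")


def weak_reasons(password, personal=(), min_length=12):
    """Return the weak-password categories from the list above that apply.

    `personal` holds strings tied to the user (names, pet names, email,
    phone number) that must not appear in the password.
    """
    reasons = []
    lowered = password.lower()
    normalized = lowered.translate(LEET)
    if len(password) < min_length:  # min_length is an assumed policy value
        reasons.append("too short")
    # A standalone four-digit run in the range 1000-2099 (1066, 1776, 19XX, 20XX).
    if re.search(r"(?<!\d)(1[0-9]|20)\d{2}(?!\d)", password):
        reasons.append("four-digit year")
    if "pass" in normalized:
        reasons.append("the word 'password'")
    if any(word in normalized for word in SPORTS):
        reasons.append("sports reference")
    if any(p and p.lower() in lowered for p in personal):
        reasons.append("name or personal information")
    # Any four consecutive characters taken from a keyboard row or a sequence.
    if any(lowered[i:i + 4] in run
           for run in KEYBOARD_RUNS for i in range(len(lowered) - 3)):
        reasons.append("keyboard pattern or sequence")
    return reasons


if __name__ == "__main__":
    # Passwords quoted in the article, checked against its own rules.
    for pw in ("dog1", "p@$$word", "footballfan", "123456", "1776",
               "rubbishConsiderGREEENSwim3", "Mccic:Iiig,web?"):
        print(f"{pw!r}: {weak_reasons(pw) or 'no listed weakness found'}")
```

An empty result only means none of the listed patterns matched; it does not show that the password is unique or has never appeared in a breach.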
For more information, visit security.harvard.edu.