Strengthen your passwords, but not in the way you'd think. Get-It-Done Guy has a few clever tricks for using strong passwords on your mobile device.
Now that she knows for sure that the NSA is spying on our every move, my pal Bernice has become ever so worried. She wants her wedding plans to be a surprise for her fiance Melvin, and is afraid that some of the juiciest details—like the trained giraffe's dance number—will be leaked to the media (in her shoes, I’d worry more about leaks to the health department). She’s come to me asking for help making her GiraffesRUs.com account secure.
Use a Strong Password
First, I told her to make sure she’s using a strong password. Tech Talker did an episode on choosing a strong password earlier this year. He recommends using a long sentence, with capitalization and punctuation, if your web site allows it. Astonishingly, for example, my bank limits passwords to 14 characters with no special characters, thus guaranteeing it can be broken into by a 12-year-old with minimal computer skills.;
Bernice likes the password sentence, “I love Melvin!” But it’s weak. The sentence can be guessed by anyone who knows her. And the NSA knows her really, really well. Also, the sentence is grammatical. A recent paper from Carnegie Mellon and MIT found that using grammatical sentences makes it much easier for perpetrators to guess a password. And finally, she capitalized and punctuated correctly, so that's a problem.
To make her password more secure, she made it ungrammatical, capitalized incorrectly, and put punctuation in unexpected places. Her new sentence reads, “melvin sliderule 432 Hearts my Forever! schmoopie.” “Melvin” is not capitalized, while “Hearts” and “Forever” are.