Posted on 1st February 2012 in 
with 
by 
Anders Technology Services is a big proponent of web security. We are issuing a reminder as a service to our readers that it is important to change your passwords AT LEAST once a year.
Chances are, even if you haven’t had money stolen from you random emails sent out or your things being deleted. Your password has been leaked somewhere in the past year (there have been a lot of major security breaches in the past year).
Technically we should all have 3 levels of passwords, I rank them like this.
“I don’t really care”
5-6 characters alphanumeric
works for most sites that you just don’t care about/places that you don’t think your account will be hacked. I like to pick six letter words and then just transform them into “1337speak”
These passwords are great for actually logging into your desktop/netflix/whatever, or something that you’ll have to type in a lot, its more of a formality to stop other human beings from hopping on your stuff, not to stop “1337 hackerz” from getting into your important data.
Example: M0v3m3nt
This is somewhat important/will effect my life if someone gets hold of it
I would use this for my youtube password, facebook etc… You don’t want it to be too inconvenient to type in if you go to a friends house/you don’t like to save your passwords to your browser so you should keep it to two unrelated words around 6-7 words each, possibly with a number or symbol in place of the letter.
Example: G0rgeous M0v3m3nt
Bills/Email/other really important places that have information that you don’t want to be public domain it would ruin my day if some random person on the internet got access to this.
For this I like to use a sentence that I can type relatively fast that is under 20 characters total, throw in a few caps, maybe a symbol, you can build your passwords on one another if you like (although its not particularly secure). This is the password that noone gets, if you share your first password that’s up to you, you probably shouldnt share you second password, and you definitely shouldn’t share this one.
Example: Cacophonou$ G0rgeous M0v3m3nt
In all reality you should be changing your level 1 password every 2-3 months, your level 2 password every 4-5 months and your level three password every 6-7 months.
These passwords don’t need to be a random conglomeration of numbers and letters, that just protects them against a human figuring them out via observing.
An additional note, a password of a random sentence can protect you against key-loggers (as it may or may not seem like you’re typing out a password, whereas “’417$$2 l=”5L&9″ typed regularly in sequence is almost assured to be a password.
http://passphra.se/ for an XKCD style password generator
NOTE:
You can be court ordered to unencrypt your data, so if you are trying to hide your information from legal channels, well, that’s just too bad.
Fun Fact: it would take the average home PC about 809 thousand years to crack the password P4$$\/\/OrD
Resources
http://howsecureismypassword.net/
Is a fun way to get a general concept of how secure your password is (its not incredibly accurate though and does not account for human involvement)
They have a sister site
http://makemeapassword.net/
which will help you think of words, even show you letters you can substitute.
Be safe!
You still have a chance to enter the giveaway!
It will be ending March 1st.
This giveaway features one free visual guide (yes, a guide with pictures) on the subject of your choosing, it will be printed on nice stock, bound (or sleeved) and mailed to you, as well as posted online as a downloadable PDF. Just shoot a tweet @anderstech, or leave a comment below with a link back to your blog to enter.
Excellent information…very informative and once again…easy to understand!