26/2/18

How to create extremely safe password (which you can remember)



After SamSam's Ransomware huge attack yesterday in USA, we take the opportunity to remind you folks:
Please do not take security of your infosec lightly.
Use strong passwords, especially when your business/life depends on them.
We see cases everyday where people should have been more careful when they chose their password, but haven't. And now it's too late.
Ask your self this question:
"How much would it hurt if someone would break in my computer and delete/encrypt/steal everything?"
If the answer is anything else rather than "Not at all", please take this advice seriously.

SamSam took advantage of poor password choices and wreak havoc to an entire State. And SamSam is just an example...
Are you using strong enough passwords?
Check here:
https://passwordsecurity.info
/

If not, here are some tips for you to follow, so you can create extremely safe passwords which are easy to remember.

Surely, 
J7*kL0))&fTw#4 is safe enough, but can you remember it?
And even if you do, are you going to use the same password for all your applications?
Or are you going to remember

J7*kL0))&fTw#4 for Facebook
(6^bNm<.?;LkIII7 for Twitter
1@eRRtGb^[}=_= for Gmail


and so on?

Well, now you can 
Here's how:


STEP 1: Take a phrase you like and you will remember.

This can be your favorite song, a movie, a line or anything that you can think of.

Let's take as an example the phrase
Northwind is awesome


STEP 2: Make it one word and capitalize the first letter of each word

In our example it will be 

NorthwindIsAwesome


STEP 3: Add symbols

Change the second letter of each word with a symbol. You can choose a symbol with the help of your keyboard.

The second letter of the word "Northwind" is O. Look at your keyboard and find O, then draw a line towards the symbols on the numeric part of your keyboard. Above "O" are 9 and 0 on the keyboard and the corresponding symbols are ( and ) respectively.
You can choose the LEFT (ie. the "(" ) or the RIGHT (ie. the ")" ), but always use the same rule.
In our example, we will use the LEFT rule, ergo we will use the "(" symbol.
The second letter of "Is" is s, so our symbol is @
The second letter of "Awesome" is w, so we choose @ again. 

The more words you use in your password, the more symbols it's going to have.

So, now our password is N(rthwindI@A@esome


STEP 4: Make it unique
You can't use your password for all your applications and logins.
Let's say you need to make different passwords for Facebook, Twitter, Linkedin and your WellsFargo online banking accounts.

We take the name of the application we want to log in and add the first and last letter of it to our password.
But we also change them using the symbol rule from above.
So, for our Facebook example, F corresponds to $ and k to * so we add $ and * to the start and end of our password:

$N(rthwindI@A@esome*

Now, if we add this to http://PasswordSecurity.info we get

"It would take 705 quintillion years to crack this password"
In case you don't know how much a quintillion is, it's got plenty of zeroes :)
That is 705.000.000.000.000.000.000 years. Now, that's a long time!

Our Twitter password will be
%N(rthwindI@A@esome$
(we have added % and $ which corresponds to the symbols of T and r following the LEFT rule)

Our Linkedin password will be
(N(rthwindI@A@esome&

and our WellsFargo password will be
@N(rthwindI@A@esome(

Of course, you can make your own rules, for example you can change the 4th letter to a symbol or whatever.

Good luck!