GEEKNOTE: Passwords

Strong passwords will help reduce the chances of your account getting hacked.

GEEKNOTE: This past week witnessed the admission of two large websites that their customers' passwords had been compromised. This should not come as a surprise.  I am of the opinion that ANY website or Internet account can be hacked if someone wants in bad enough.

There is precious little you can do to protect your privacy if some three letter federal agency takes an interest in you. Post a few thinly veiled threats online against a high ranking federal official, and I can pretty much guarantee that, at the very least, you will be on somebody's radar.

For most of us though, it is pretty safe to say that there ARE some steps to keeping our Internet accounts secure.  The first step is to create a new password when you join an Internet site or create an email account.

Passwords need to be hard to guess. It helps if they are more than a few characters long, aren't words or easily guessed strings, and if they also include numbers and special characters.

Here are some examples of very weak passwords:


All of the examples above are susceptable to a so-called "dictionary" attack.  This is a brute force attack where the bad guy simply tries all sorts of common words to break into an account.  I've lost count of the number of people I've met who use one of the first four of these for one or more accounts.  The fifth one, a pet's name, is easily guessed if you post any information about your family online.

Even a stronger password can be compromised if you don't practice "safe computing". Giving your login and password to someone who calls you up claiming to be from your bank or credit card company would seem to be obvious, but folks do it all the time. This trick is called "social engineering" and it is highly effective. 

Clicking on attachments you get via email or installing software when you are prompted to by some website you've never visited before are two other ways that the bad guys can get enough control of your computer to snag your saved passwords and install a key stroke logger so they can get new ones. We caution or business customers especially about letting employees use company computers for personal things because of these threats. Once rogue software is on one computer in a network, it can easily spread to all the others it sees.

Don't use the same password everywhere. You don't want a compromised account on one site to result in everything being compromised.

So what makes a good password?

There are several things that can help:

  • Use a different passwords for different things. That way, if one is compromised, they aren't all compromised.
  • Use a combination of CaPiTal_Lett3rs and numbers and maybe even special characters in the password. Substituting the number 3 for the second e in letters is an example, as is the underscore between "capital" and "letters"
  • Create a password using the first characters of a phrase you can remember. AOL sent me a million disks over the years, so "Asmamdoty" would actually be a pretty easy AOL password that would be hard to guess, but easy to remember. Likewise the name "Patch" reminds me of flat tires, so "Sears plugged my tire in 2011" could become "Spmti11"

You could further improve "Asmamdoty" by changing the "o" to a zero.

You could improve "Spmti11" by substituting an exclamation point for the "i".

The key is creating something easy for you to remember that won't be easy for someone else. Here are some more examples that I might (but don't) use:

TRD1M (TheRubberDuckyIsMine)

Each of these could be used for a web login to one of the following sites. They would be impossible to guess from the website, but it should be a little easier to guess the website from the password. I even gave you a really easy hint on one of them. Try to match the password up with the website:

A Republican Party site
A Navy Veterans site
A Democratic Party site

Leave your guesses here, including why each matches and I'll give everyone the answers at the end of the week.

Rob Marlowe, Senior Geek, Gulfcoast Networking, Inc.


(Rob also serves as deputy mayor of the City of New Port Richey. Opinions expressed here are his own and do not necessarily represent the position of the city.)

This post is contributed by a community member. The views expressed in this blog are those of the author and do not necessarily reflect those of Patch Media Corporation. Everyone is welcome to submit a post to Patch. If you'd like to post a blog, go here to get started.

Rob Marlowe June 17, 2012 at 07:33 PM
GNRM2.99a - A collection of last year's GeekNotes by me is available as an ebook for $2.99 on Amazon.
Rob Marlowe June 17, 2012 at 07:35 PM
IanacRMNCtd - I am not a crook - Richard M Nixon made a famous speech saying they planned to keep Checkers (the dog) that had been given to them. We'll count this as an "SPCA" password.
Rob Marlowe June 17, 2012 at 07:36 PM
TRD1M (TheRubberDuckyIsMine) - Famous last line from the bathtub scene in "The First Family" where JFK is sorting out which bath toys belong to Caroline and John Jr. - We'll mark this one as a good password for a Democratic Party site.
Rob Marlowe June 17, 2012 at 07:40 PM
DPRKnc91268 - A famous news conference by the Democratic Peoples Republic of Korea on September 12, 1968 where the skipper of the USS Pueblo described their incursion into North Korean waters using the UCMJ definition of rape. This was only one of the ways that the skipper and crew let the outside world know of their resistance while in captivity. If you hadn't guessed, we'd use this one for a Navy site.
Rob Marlowe June 17, 2012 at 07:42 PM
SMcQMustang68 - This one should have been the easiest... Steve McQueen starred in a movie with a 1968 Mustang. The movie? "Bullitt", of course... Hence a good one for an NRA site.


More »
Got a question? Something on your mind? Talk to your community, directly.
Note Article
Just a short thought to get the word out quickly about anything in your neighborhood.
Share something with your neighbors.What's on your mind?What's on your mind?Make an announcement, speak your mind, or sell somethingPost something
See more »