Creating Passwords and Trusting Sites

Passwords

The importance of strong passwords can’t be stressed enough. Weak passwords have been one of the major security issues throughout the history of computing, and they remain one of the main security issues today.

So, how can you make a strong password?

  1. You should avoid a password containing any single word or any combination of just common words, since your password can be found by a password-cracking program that uses dictionaries to combine words.

  2. You should avoid using only personal information, since that could be picked up by someone who happens to get your social security number, your middle name, your parents’ names etc.

  3. You should avoid passwords that are too short, because even random passwords that are too short can be cracked by so-called brute-force cracking programs that test all possible combinations of characters until they find a match. For online passwords, a password of over 8 characters is in general reasonable protection against this kind of password cracker, but remember: the longer the better.

Password Example #1

The strongest kinds of passwords, if you manage to remember totally random characters, are like:

“8lf02.e2-4fzcfc”

Password Example #2

Since a lot of people might have trouble remembering such passwords, here’s a good alternative. Use several random words (not a common sentence!), such as redwood, manager and barrel, add some numbers between the words, and also exchange some letters for a number or other character:

“red4ood98manag3r..barre1”

Password Example #3

If you need something even easier to associate with, pick elements from your life that no one you know could ever know. Let’s say you pick the colour (yellow) of the fifth house on the right of the street where you grew up, the name of your second pet (garfield) spelled backwards, and a character (Jack Sparrow) from your favourite movie, but with some characters in the name replaced:

“yellow5dleifrag2j4cksp.rr0w”

Even Stronger Passwords

To make these passwords even stronger, it would be a great idea to capitalize some letters in the passwords, like this:

“8lF02.e2-4fZCfc”

“reD4oOD98maNAg3r..BArRe1”

“yeLLOw5dlEIfraG2j4cKSp.rR0w”

When you are using words, another good tip is to use words from more than one language if you know more than one.

Also, if you are using a computer in a totally safe environment at home, where there will never be anyone looking through the papers in your desk drawers, it isn’t at all a bad idea to keep a handwritten password there in case you forget it. However, never save a password on your computer: if you ever get a malware infection or an intrusion on your computer, that password might get picked up by the malware or the intruder!

If you want some more technical information about how passwords are cracked by those sinister minds, you could start by reading more on these resources:
Wikipedia: Password Cracking
Wikipedia: Password Strength
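The three rules in the list above can be turned into a small self-check. The following Python sketch is an added example, not part of the original article; the word list, the personal-information list and the function names are constructed assumptions, and the bit count is only meaningful when the characters are chosen at random.

```python
import math
import string

# Constructed sample data (assumptions): a real check would load a large
# word list and the user's own personal details instead.
COMMON_WORDS = {"red", "wood", "redwood", "manager", "barrel", "yellow"}
PERSONAL = {"garfield", "1984", "anna"}  # e.g. pet name, birth year, middle name

def only_from(password, tokens):
    """True if the whole password is a concatenation of items in `tokens`."""
    p = password.lower()
    reachable = [True] + [False] * len(p)  # reachable[i]: p[:i] splits into tokens
    for i in range(1, len(p) + 1):
        reachable[i] = any(reachable[j] and p[j:i] in tokens for j in range(i))
    return len(p) > 0 and reachable[len(p)]

def brute_force_bits(password):
    """log2 of the candidates a brute-force search over the character
    classes actually used in the password has to cover."""
    classes = [string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation]
    alphabet = sum(len(c) for c in classes if any(ch in c for ch in password))
    return len(password) * math.log2(alphabet) if alphabet else 0.0

def audit(password, words=COMMON_WORDS, personal=PERSONAL):
    """Return (findings, brute-force bits) for one candidate password."""
    findings = []
    if only_from(password, words):
        findings.append("dictionary-words-only")  # rule 1
    if only_from(password, personal):
        findings.append("personal-info-only")     # rule 2
    if len(password) <= 8:
        findings.append("too-short")              # rule 3: aim for over 8
    return findings, round(brute_force_bits(password), 1)

if __name__ == "__main__":
    for pw in ["redwood", "redwoodmanagerbarrel", "garfield1984",
               "red4ood98manag3r..barre1", "reD4oOD98maNAg3r..BArRe1"]:
        print(pw, *audit(pw))
```

A long password built only from dictionary words still trips rule 1 even though its brute-force figure looks large, which is why the article mixes in digits and substitutions.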

Longevity

One thing to always take into account whenever you put any kind of information at all on the Internet: chances are that information that has once been put online stays online for as long as the Internet exists. Information and files have a tendency to get copied from one place to another, by both humans and different kinds of online spiders or services.

Therefore, ask yourself: will I always in the future be comfortable with this material being online?

Trusting Websites

History shows us that people in general seem to trust that big sites on the Internet can be considered safe, because there are professional people keeping the sites secure. History also shows us that this is not the case. Many big sites have had major password database leaks, including big ones like Hotmail, Twitter and The Pirate Bay. Keep in mind: Internet security is a very complex matter, and no site online is 100% secure. This is a very good reason to use different passwords on different sites.

Phishing

A common way of getting passwords, especially Instant Messaging or E-mail passwords, is to trick users into entering their login information on a site that looks official. Always make sure to check the address bar in your browser, so you don’t try to log in to your mail account on the wrong server, even though the site looks exactly the same as it usually does.