Leetspeak and The Unbreakable Password: Encryption That is Nearly Impossible to Break

A computer or other user account password should be secure, private and meaningful to you. It should be something that only you can guess, something that is difficult for others to know or figure out. Your password should be impossible to break.

A strong password is the first line of defense for your e-mail and social-site identity. Attacks on e-mail providers and sites like Facebook continue to happen, and most people are at least partially to blame for being hacked because of their weak passwords. A mixture of upper- and lowercase letters is good, adding numbers is better, and adding special characters on top of those is best.

The name of your first or favorite pet or the make/model of your first automobile might make a good ‘recovery question’ in the event you forget your password and need to recover it, but it is a poor choice for the password itself. “OldsmobileOmega” is a guessable password and would be among the first password-protected accounts to fail, especially if you drive (or used to drive) such a car, live in a city that produces cars (Detroit, for example) or have some openly known association with that make or model of car (car dealer, mechanic, fondness for races or derbies, etc.).

A rallying cry for a favorite sports team is a bad choice for a password too, even worse if you live in that team’s hometown city. “GoDenverBroncos” would be a terrible, terrible choice for a football fan’s (or anyone else’s, for that matter) password in the team’s home city of Denver, Colorado, for example. Think about how a hacker might view you and your computer usage: your likes and dislikes. Then don’t do that. Do something completely different.

E-mail, social and other password-protected sites offer such ‘recovery questions’, usually a ‘relaxed’ question like “What is your mother’s maiden name?” Even if a hacker gets into the system and reaches this page, submitting the correct answer (or a wrong answer, for that matter) to the question will only send a notification and reset application to your selected valid e-mail account, indicating that an attempt to access the account was made but it was not breached.

Safe and Unsafe Words to Use as Passwords

Any word that can be found in an English language dictionary is a bad password choice. A direct attack can try these words, and combinations of them, against the password until a ‘hit’ is recorded. Many a user account has been accessed this way by strong-arm hackers using automated submissions. This is how Facebook accounts are hijacked and held for ransom. The first thing the hacker will then do is reset your password and e-mail account, preventing your legitimate entry and access.

Obfuscating a password is better: changing some aspect of the word to make it somewhat unreadable. Setting aside for a moment that most sites allow only three incorrect password guesses before they ‘block’ you for 15 or 20 minutes, let’s examine a moderately strong password. Using the common word “examples”, we see that it is an 8-letter word (which is good, if merely minimal), but because it exists in the dictionary it can appear in a database of hacker test-words used when attacking a site.

Now we will change the word a little: “examples” can become “ex@mp1ez”. As you can see, by swapping the “a” for the special character at sign (“@”), the “l” for the number one (“1”) and the “s” for a phonetically similar “z”, we have made a harder-to-guess word that likely does not exist in any dictionary. Harder to guess, but not impossible.

Including one or two UPPERCASE letters alongside lowercase ones makes this still harder to guess, as passwords are ‘case sensitive’. Including any one or more of the special characters ( !, @, #, $, %, ^, &, *, (, ), _ ) takes it even further, adding thousands more possible combinations. The password almost becomes “leetspeak.”

What is Leetspeak?

Leetspeak (also called “hakspeak”) is like texting: alphabetic characters are replaced with numbers and symbols that ‘look similar’, though the choices tend to defy rationale. Leetspeak is more ‘human compatible’ than ‘computer friendly’; a computer will not understand the word at all. It is nearly “CAPTCHA”-like in its unfriendliness to computer bots.

The word “leetspeak” in its own language becomes “13375p34k.” Notice that the letter “e” becomes the numeral “3”, the “s” is the number “5”, “e” is again “3” and finally the “a” is the number “4.”

It takes practice to recognize the meaning behind leetspeak, making it a preferred method for young teenagers to text each other secret messages via cellphone and other handheld devices. They enjoy a small measure of code protection that most adults would be quick to dismiss.

Running several words together and rewriting them as leetspeak would make it much more difficult for a hacker to break into a user’s account. So, if a password is the name of your cat (let’s assume the cat’s name is “Sylvester”), then your password could be “SylvesterTheCat”, which in leetspeak becomes “Sy1v3573rT|-|3C47.”

C’mon, admit it: the “|-|” substituted for the letter “H” is difficult to grasp at first and harder still to guess the meaning of.

Assuming that someday someone creates a leetspeak decoder and runs it against tougher account passwords, you can include a few digits in the naming convention as well: the year you were born, your shoe size or the waist/length of the pants you wear, something. This makes a virtual iron gate of impenetrability for your password-protected user account: you have alphabetic, numeric, mixed-case and special characters in your password. Virtually hacker-proof!
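The substitutions the post walks through, together with the ‘decoder’ it anticipates, as an added Python example (not code from the original post): `to_leet` reproduces the post’s own encodings, and `is_disguised_word` is a password-policy check that undoes them to see whether a candidate is merely a dictionary word in disguise. The reverse table, the chunking rule and the tiny word list are assumptions made for the example.

```python
import re

# Substitution table built from the post's own examples (a->4, e->3, l->1,
# s->5, t->7, h->|-|); only lowercase letters are replaced, as in the post.
LEET = {"a": "4", "e": "3", "l": "1", "s": "5", "t": "7", "h": "|-|"}
# Reverse map for the policy check; '@' for 'a' is the post's other variant.
UNLEET = {"4": "a", "@": "a", "3": "e", "1": "l", "5": "s", "7": "t"}
# Constructed sample word list; a real policy check would load a full dictionary.
DICTIONARY = {"examples", "sylvester", "the", "cat", "leetspeak", "go", "denver", "broncos"}

def to_leet(phrase: str) -> str:
    """Encode a phrase the way the post does ('leetspeak' -> '13375p34k')."""
    return "".join(LEET.get(ch, ch) for ch in phrase)

def unleet(password: str) -> str:
    """Undo the substitutions; the three-character '|-|' must go first."""
    return "".join(UNLEET.get(ch, ch) for ch in password.replace("|-|", "h"))

def words_of(text: str) -> list[str]:
    """Split 'SylvesterTheCat' on case changes into ['sylvester', 'the', 'cat'].
    Any non-letter character acts as a word gap."""
    letters = re.sub(r"[^A-Za-z]+", " ", text)
    return [w.lower() for w in re.findall(r"[A-Z]?[a-z]+|[A-Z]+(?![a-z])", letters)]

def is_disguised_word(password: str, dictionary: set[str]) -> bool:
    """True when every chunk of the decoded password is a dictionary word,
    i.e. the substitutions are the only thing hiding it. The post's 's' -> 'z'
    swap is covered by also trying each chunk with 'z' read as 's'."""
    words = words_of(unleet(password))
    return bool(words) and all(
        w in dictionary or w.replace("z", "s") in dictionary for w in words
    )

def char_classes(password: str) -> set[str]:
    """Which of the post's four classes (lowercase, uppercase, digits,
    special characters) a password actually contains."""
    kinds = {"lower": str.islower, "upper": str.isupper, "digit": str.isdigit}
    return {next((k for k, f in kinds.items() if f(ch)), "special") for ch in password}

if __name__ == "__main__":
    for pw in ("ex@mp1ez", to_leet("SylvesterTheCat"), "Sy1v3573rT|-|3C47x9q"):
        print(pw, sorted(char_classes(pw)), "dictionary-derived:", is_disguised_word(pw, DICTIONARY))
```

Both of the post’s example passwords pass the four-class check yet are flagged as dictionary-derived, which is the point of running the decoder on the defending side.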

Some sage advice that has been passed around for quite some time is to treat your password the same way you treat your toothbrush: that is to say, don’t let anybody else use yours and get a new one every six months.

One Response

09.10.10

Leetspeak is definitely a helpful strategy, kind of a numerical pig latin of sorts. It is, however, still possible to crack, since not all password leaks occur as a result of “guess”-bots. For instance, a hacker could use a phishing attack to compromise a forum or other community with a large database of credentials — then it wouldn’t matter what one’s password is.

That’s why at VeriSign we’re strongly encouraging people to use as many different encryption methods as possible, to protect against the various types of attacks. Choosing a strong password is essential, but it would be nice if more websites aside from financial institutions allowed their users to log in with two-factor authentication. Technology like that would dilute the worth of passwords in general (since it would require additional info to sign in) and might even ease the frequency of attacks. Until then, though…leetspeak it is!
