Choosing a password…

My wife received an email from a good friend recently that contained a link to a website. My wife is pretty internet-savvy, so she was wary of the link, despite the source, as the email contained just the link, no subject and no other content. However, it did throw her a little because it was sent to other mutual friends as well (listed in the to field).

It was evident that the source friends email account had been compromised*, which prompted me to write this blog post about passwords and what makes a good choice of password.

There are many good articles on password selection that I highly recommend you read:

• CERN Computer Security’s Password Recommendations; great read on what makes a good password with some videos on the topic.
• WordPress’s own article on password selection
• Wikipedia article on password strength; if you’re keen to get into the nitty gritty.

However, these are the rules of thumb that I generally keep:

• Never use a single dictionary word or name;
• Make sure it’s more than 8-10 characters;
• Use punctuation marks or other characters (e.g. !, ?, #, $, & etc);
• If you’re worried about forgetting your password, use a password manager app (The WordPress article above lists a few).
• Change them, if you can, regularly (the password manager app helps with this).

If you have any other suggestions or articles on password security, feel free to post them in the comments section.

* I have no knowledge of the strength of my wife’s friends password, I just thought it would be good to reiterate password strength in light of the situation.