7 steps to crafting the perfect password

Seven tips to help you create the perfect password. (REUTERS/Michael Dalder)

Your password can ruin your life. I know that sounds dramatic, but it is true. If someone figures out your email and password, you are in trouble. Social media? Even worse. As soon as hackers gain access to your online bank account, they can wreck your finances, and you may feel the consequences of that break-in for a year.

It seems not a week goes by that we don’t hear about another security breach. How do you know if the hackers have your info? Click here to find out if your email has been hacked or stolen.

Most of us have the wrong idea about passwords. We think that they have to be complicated messes, such as F$%Th5l2K!&. This theory, that passwords should be nonsensical and hard to remember, ruled for years.

It started in 2003 with the guidelines of the National Institute of Standards and Technology (NIST), which insisted on random combinations of letters, numbers, and symbols. The organization’s manager, Bill Burr, spread this gospel for years. But in a recent interview with the Wall Street Journal, he admitted that this is not as effective as he had thought.

Thanks to a new round of surveys, cybersecurity experts have changed their tune. Yes, you should still avoid guessable passwords like “p@ssword1” or “letmein.” But a strong password can also be logical, smooth, and easy to remember.

1. Passwords should withstand 100 guesses

This is the most important part: no matter what your password is, it should withstand 100 guesses, which means that it should not be tied to any public information about you or your family.

Hackers often turn to your social media profiles to find information about you, such as your date of birth and the name of your pet. And a little data goes a long way. Experts believe that criminals can guess the average person’s password almost 73 percent of the time, and they can often access other accounts by trying small variations of the same password.

Facebook makes it easy to share your life with your friends and family. Unfortunately, there are some things you should not share online. These pieces of information can put you in danger of identity theft, losing your job or other big headaches. Click here for five of the biggest offenders you may not want on your profile.

2. Use a sentence

Instead of thinking of your password as a secret code, think of it as a “passphrase.” These are sequences of words that are easy to remember but difficult for someone else to crack.

Suppose that you wanted to be an astronaut when you were a kid, and your favorite color is fuchsia. You have never mentioned these facts online, and only your mother knows them. You could set your password to “ilikefuschiaastronauts.” You’ll never forget it, and the passphrase will confound hackers for (literally) centuries.

I explained how to create a good passphrase a little more than a year ago, and the advice is still valid. Go here to come up with your own.

3. Go long

You might want to sit down for this: The new NIST guidelines suggest allowing users to create passwords up to 64 characters long. As if that wasn’t bizarre enough, the guidelines also allow spaces between the words. Although many people just try to meet the minimum requirement of eight characters, you get a much stronger password by stretching things out.

You can, in theory, make up a complex list or a sentence that still makes sense to you. You could use a list of all your pets’ names from childhood, such as “fluffy princess rex spike booboo chewie,” or all the streets on the way to your favorite restaurant, such as “academy main washington ohio central.” Easy to remember. Difficult to crack.
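A sketch of how a sign-up form could enforce tips 1 and 3 together, added here as an example (it is not code from the article or from NIST). The sample deny-list, the `public_facts` parameter and the four-letter leftover threshold are assumptions made for illustration.

```python
import re

MIN_LEN, MAX_LEN = 8, 64  # lengths named in the article; spaces count as characters
# Constructed sample deny-list; a real service would load a breached-password corpus.
COMMON = {"password", "letmein", "qwerty", "12345678"}
# Undo the usual character swaps so "p@ssword1" compares as "password".
LEET = str.maketrans("@4031!$57", "aaoeiisst")


def normalize(text):
    """Lowercase, drop leading/trailing digits and symbols, undo swaps, keep letters."""
    text = re.sub(r"^[^a-z]+|[^a-z]+$", "", text.lower())
    return re.sub(r"[^a-z]", "", text.translate(LEET))


def check_password(password, public_facts=()):
    """Return the reasons to reject a password; an empty list means accept.

    public_facts (hypothetical parameter): strings anyone could read off a
    profile, such as pet names or family names.
    """
    problems = []
    if len(password) < MIN_LEN:
        problems.append("too short")
    if len(password) > MAX_LEN:
        problems.append("too long")
    core = normalize(password)
    if password.lower() in COMMON or core in COMMON:
        problems.append("common password")
    # Strip every public word out of the password and see what is left.
    words = {w for fact in public_facts
             for w in re.findall(r"[a-z]{3,}", fact.lower())}
    hits = [w for w in words if w in core]
    leftover = core
    for word in sorted(hits, key=len, reverse=True):
        leftover = leftover.replace(word, "")
    if hits and len(leftover) < 4:  # assumed threshold
        problems.append("built from public facts")
    return problems  # no composition rules: spaces and plain words are fine
```

The same passphrase passes or fails depending on what is public: the pet-name list is accepted when only one of the names appears on a profile and rejected when all of them do.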

4. Do not change your password until you have to

Until recently, consumers were advised to change their passwords every three months. But as NIST’s Paul Grassi recently told the Institute of Electrical and Electronics Engineers, “Maturity is not a motivator for the creation of a brand-new password, it is a motivation to shift one character, so that you can remember the password.”

If you have created a strong password, you don’t have to worry about changing it over time. Just stick with it, unless you have been notified of a breach in security that requires a password reset.

5. Choose something memorable

Remember, all passwords must be unique, but they don’t have to be cumbersome. NIST refers to passwords as “secrets.” You want to avoid the temptation to write them down, so choose passwords that mean something to you and that you will keep in your thoughts.

I’m not a big fan of password managers. I commit my passwords to memory. But if you can’t do that, here is a free program that helps you store your passwords safely and easily.

6. Get creative with characters

It can take websites some time to catch up to the latest NIST guidelines, but you can still create a memorable password that meets the current constraints. Go back to Burr’s advice on passphrases. You could opt for something like “ArizonaCardinalsfootballisnumber1!” or “Igivemyjob1000%on a daily basis.” These meet the requirements of having at least eight characters, special characters, and uppercase and lowercase letters.

7. Use two-factor identification

While passwords help protect your data, cyber criminals are more sophisticated than ever. If they break into your accounts, you may not recognize the damage until it is too late.

Months went by before the public learned about the Equifax breach, and it is difficult to estimate how much information was leaked and how it will be used. (If you haven’t checked to see if your personal data is in the hands of cyber criminals, click here and do it now.)

That is the reason why two-factor authentication is so important. Via SMS messages, emails or special apps, an account holder receives a notification each time a password is changed, or when it is used on a new device or from a new location. You will have to verify that you are the one trying to get access.

How do you do this? Click here and I’ll walk you through a few simple steps to set it up.

Copyright 2017, WestStar Multimedia Entertainment. All rights reserved.

Learn about the latest technology on the Kim Komando Show, the nation’s largest weekend radio talk show. Kim takes calls and provides advice on today’s digital lifestyle, from smartphones and tablets to online privacy and data hacks. For her daily tips, newsletters and more, visit her website at

