Thursday, May 30, 2013

Create a Strong Password

So to begin with, here are some poor decisions to make with your passwords:

DON'T write your password down on a sticky note and put it on your monitor, your pullout writing board or write it on your white board.

DON'T  say the letters and numbers in your password as you type them in.

DON'T use your child's name, your spouse's name, your pet's name, your maiden name, or your parent's name.  I'll tell you how you can "sort of" do this later in this post.

And

DON'T tell all your friends, coworkers, or family your passwords.  The only exception to this is to tell your spouse/significant other the real important ones so they can get to money accounts or life insurance sites if you should pass away.

OK, now let's build a strong password that the internet won't tell you is weak.

Start by reading the 3 appendices I have included.  I promise I am going to use information in those, so if you don't want to get lost, read them first:

Creating a Strong Password-Appendix-1 - Rules
Create a Strong Password Appendix 2 - Ciphers
Create a Strong Password Appendix 3 - Special Characters

Make sure you do at least 3 of the following steps to ensure the password you end up with is strong enough.

Step #1  Choose something you can remember
It is OK to choose a word that means something to you: a name, a thing, a building, a date, a former address (some of these are pretty strong all by themselves), anything that means something to you and that you can remember.

For an example for all these steps, I am going to use the word ANTELOPE

Step #2 Write the word backwards (reverse cipher)

  ANTELOPE backwards is   EPOLETNA              (getting stronger already)

Step #3  Use a substitution cipher

I am going to use the following key for this step:

ABCDEFGHIJKLM
TUVWXYZNOPQRS 

so, substituting the letters from the word  
          EPOLETNA
from the key above, we get
           XJIRXAHT

(Remember, you can create your own cipher key to make it unique to you)

Step #4 Focus on repeating letters and substitute a number or special character in its/their place.
In our result from the last step,   XJIRXAHT,    the letter X appears twice.

So I am going to substitute a + sign in place of the 2nd X so we get:
           XJIR+AHT

Step #5 Use both Upper and Lower Case Letters

           XjiR+aHt     Simple enough?

Step #6  Replace a letter in your result with either a number or a special character

We want both numbers and special characters in there to keep the rule makers happy, so I am going to replace the letter i with the number 1.

           Xj1R+aHt


Step #7 Choose a letter to replace with one last special character substitution to finish it off.

That letter H is calling out to me, so I am going to replace it with 2 square braces [  ]  and a hyphen -  like this:

           Xj1R+a]-[t

And there it is!!               Xj1R+a]-[t          This is my new strong password.

With those special characters, the password turned out to be 10 characters long.  The longer the password, the more secure it becomes.

If I put this in a few password strength testers I get the following results:

http://www.passwordmeter.com/





https://howsecureismypassword.net/



I'd love to hear any of your own methods of building a stronger password.

Creating a Strong Password Appendix 1 - Rules

Most Sites/Security Systems agree on a basic set of rules to help make sure your password is sufficiently strong.  I will discuss the basic list.

Length

I just read an article about how 6 is NOT enough characters in your password.

They recommend 11 to 15 or more characters.    That's a lot to remember.

I used some of my tricks to create a password (13 characters long) and one of the password strength testers said it would take a desktop PC 51 million years to break!  That's pretty secure!


Don't Use Real Words

Most services and systems recommend NOT using a word you can find in a dictionary.

But what about words from a language that is not your native tongue?  How about from a dead language that is no longer spoken?

That might work.


Do Use Numbers

One way to use numbers is to substitute numbers for letters.   This is a BAD example, but what if you spelled the word PASSWORD like this?    P455w0rd   ?  Again that was a bad example.

Here are some number/letter substitutes:

L=1
Z=2
E=3
A=4
S=5
G=6
B=8
O=0


Do Use Special Characters

They recommend you use any of the following special characters in your password:

~ ! @ # $ % ^ & *  ) _ + - = [ ] \ { } | : ; < > ? / \

For more info on that see:  Creating a Strong Password Appendix 3 - Special Characters


Do Use Both Upper and Lower Case Letters

This is a simple thing to do.  Just simply capitalize a random letter (or letters) in your password.

Example:   pasSworD


Reduce Repeating Characters

This is not only double letters:  paSSword, bOOKKEEper, or chEEse,

but a number, letter or special character that is used more than once in the password, like:

rHytHm, lEvEl, chEEsE, 18614,  or $tuise$


Avoid patterns

Patterns exist in numbers and letters.  Avoid anything like the following:

QWERTY    (Top row of Letters on Keyboard)
ASDFGHJKL   (2nd row of Letters on Keyboard)
ABABABABA  (
!@#$%^&  (Special Characters in order on very top row of keyboard)

13579  (Odd Numbers)
246810  (Even Numbers)

11235813  (Fibonacci Sequence)
3.14159  (Pi)
E=Mc2 (Einstein's Theory of Relativity)


Avoid Sequential lists

Avoid anything like the following:

ABCDEF
12345
ZYXWVUTS
5678XYZ
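
The rules in this appendix written as a checker, added here as an example and not code from the original post. The word list is a small constructed stand-in, the function names are made up, and the repeated-character and run checks are one reading of the rules (case-insensitive, four characters in a row).

```python
import re

# Number-for-letter substitutes from "Do Use Numbers": 1=L 2=Z 3=E 4=A 5=S 6=G 8=B 0=O
UNDO_NUMBERS = str.maketrans("12345680", "lzeasgbo")
# Constructed stand-in for a dictionary; a real check would load a full word list.
WORDS = {"password", "cheese", "rhythm", "level"}
# Keyboard rows, sequences and number patterns named in this appendix.
RUNS = ["qwertyuiop", "asdfghjkl", "!@#$%^&", "abcdefghijklmnopqrstuvwxyz",
        "0123456789", "13579", "246810", "11235813"]
MIN_LENGTH = 11  # lower end of the "11 to 15 or more" recommendation


def has_run(pw, n=4):
    """True if pw holds n characters in a row from a listed run, either direction."""
    low = pw.lower()
    for run in RUNS:
        for seq in (run, run[::-1]):
            if any(seq[i:i + n] in low for i in range(len(seq) - n + 1)):
                return True
    return False


def check(pw):
    """Return the Appendix 1 rules that pw breaks; an empty list means it passes."""
    low = pw.lower()
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append("length")
    if low.translate(UNDO_NUMBERS) in WORDS:
        problems.append("real word")
    if not re.search(r"[0-9]", pw):
        problems.append("no number")
    if not re.search(r"[^A-Za-z0-9]", pw):
        problems.append("no special character")
    if not (re.search(r"[a-z]", pw) and re.search(r"[A-Z]", pw)):
        problems.append("single case")
    if len(set(low)) < len(low):  # case-insensitive, as in rHytHm and lEvEl
        problems.append("repeated character")
    if has_run(pw):
        problems.append("pattern or sequence")
    return problems


if __name__ == "__main__":
    # Sample inputs are the examples used in the post and this appendix.
    for sample in ["P455w0rd", "QWERTY", "5678XYZ", "Xj1R+a]-[t"]:
        print(sample, check(sample))
```

The number substitutes are undone before the dictionary lookup, which is why `P455w0rd` is still reported as a real word.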

Create a Strong Password Appendix 2 - Ciphers

Ciphers

The password strength checkers all say NOT to use real words.  So one method of beating that system is to convert a real word using a cipher.

There are many types of ciphers.  They can be used in any combination to create a strong password.  I'll discuss several here.

Backwards Cipher:

PASSWORD = DROWSSAP
Simply spell your word(s) backward.  This is pretty good, but common words can be broken quite easily.     Never use MadamImAdam in a backwards cipher  (hint: it is the same both ways).

Alternating Cipher

In an alternating cipher, you take 2 words and write them taking one letter from each word in turn, like this  (I'll spell the 2nd word in all caps to help you see):

the words lettuce purple would convert to   lPeUtRtPuLcEe

To make this more tricky, you could spell the 2nd word backwards, like this (again, 2nd word is in all caps):

the words Lettuce Purple would convert to  lEeLtPtRuUcPe


Substitution Ciphers.

These can be created in any combination.  For instance:

Simple Substitution Cipher:

ABCDEFGHIJKLM
NOPQRSTUVWXYZ

Simply substitute the letter above or below it.  For Instance:

If I substitute the letters in the word   password, I get cnffjbeq  p=c, a=n, s=f, etc.

That's all there is to a substitution cipher.  But what if we want to get trickier?  Let's mix it up a little.

ABCDEFGHIJKLM
ZYXWVUTSRQPON


This is just the same except the letters are arranged a bit differently; the second half of the alphabet is backwards.

If I convert the word password using this I get kzhhdliw.   Hey that's just as mixed up as before, but this time the cipher key is not as obvious.

Let's take it one step further:

ABCDEFGHIJKLM
TUVWXYZNOPQRS

In this case, I broke the bottom line at the letter T.  I added all the letters from T-Z and then ran out, so I started with N again to finish out the bottom line and ended with S.

Definitely NOT as easy to break the cipher key.

Again, these ciphers can be used in any combination to create a strong password.

I would keep a copy of the cipher in your shoe (just kidding) wallet or purse to help you in the event you forget the password you created with it.
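
The backwards, alternating and substitution ciphers from this appendix, and steps #2 and #3 of the main post, written out as an added Python example (not code from the original post). The function names and the labels in `KEYS` are made up here; the keys themselves are the three shown above.

```python
import string
from itertools import zip_longest

TOP = "ABCDEFGHIJKLM"
# Bottom rows of the three keys shown in this appendix (the labels are made up here).
KEYS = {
    "simple": "NOPQRSTUVWXYZ",
    "reversed": "ZYXWVUTSRQPON",
    "split_at_t": "TUVWXYZNOPQRS",
}


def make_table(bottom):
    """Pair each top-row letter with the letter below it, in both directions."""
    if sorted(TOP + bottom) != list(string.ascii_uppercase):
        raise ValueError("a key must use every letter A-Z exactly once")
    table = dict(zip(TOP, bottom))
    table.update({low: up for up, low in table.items()})
    return table


def substitute(word, bottom):
    """Swap every letter for its partner in the key; keep case and non-letters."""
    table = make_table(bottom)
    out = []
    for ch in word:
        partner = table.get(ch.upper(), ch)
        out.append(partner if ch.isupper() else partner.lower())
    return "".join(out)


def backwards(word):
    return word[::-1]


def alternate(first, second):
    """Interleave two words: first in lower case, second in capitals."""
    pairs = zip_longest(first.lower(), second.upper(), fillvalue="")
    return "".join(a + b for a, b in pairs)


if __name__ == "__main__":
    print(substitute("password", KEYS["simple"]))
    print(substitute("password", KEYS["reversed"]))
    print(substitute(backwards("ANTELOPE"), KEYS["split_at_t"]))
    print(alternate("lettuce", backwards("purple")))
```

Each key pairs letters in both directions, so running `substitute` on its own output with the same key returns the original word.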

Create a Strong Password Appendix 3 - Special Characters

These are potential substitutions for letters in your password.  The normal letter is at the left and its substitutions follow.  This is NOT a complete list.  Make up your own, use your imagination.

A   /\ (Forward and Back Slash)  OR /-\ OR 4
B   |3 OR |} OR !3 OR !}
C   ( OR <  OR [
D   |] OR |)
E   {  OR 3
F   |= OR !=
G   [- OR C- OR C, OR (;
H   |-| OR !-! OR ]-[
I   ][ OR | OR ! OR 1
J   _| OR ,| OR .| OR _! OR ,! OR .!
K   |< OR JUST <
L   |_ OR !_ OR 1
M   |v| OR !V! OR nn OR |\/| OR !\/!
N   |\| or !\!
O   0 (zero) OR [] OR {} OR ()
P   |> OR |^ OR !^ OR !* OR |*
Q   @ OR O_ OR O, OR O~ OR (repeat all these with a 0 (zero) instead of capital O)
R   |? OR !? (couldn't find a good one, make up one that you can remember)
S   $ OR (/) OR 5
T   -|- OR -!- OR ^|^ etc
U   |_| OR !_! OR [_]
V   \/ (Back and Forward Slash) OR ^
W   vv OR VV OR \/\/
X   * OR +
Y   ^/ OR `/
Z   (\) OR /|/  OR %


The following are the names and locations of the harder to find special characters:
~ (tilde) to the left of the number 1 near letter Q (Shifted)
[ (Left Square Bracket) near letter P
] (Right Square Bracket) near letter P
{ (Left Curly Brace) near Letter P  (Shifted)
} (Right Curly Brace) near Letter P  (Shifted)
\ (Back Slash) above Enter Key
| (Pipe Symbol) above Enter Key (Shifted Back Slash)
/ (Forward Slash) same key as Question mark ?  (Not Shifted)

Tuesday, May 14, 2013

Fake it until you become it !!

Over the years I have attended many professional development classes that have helped me a lot!  At one point I was attending a conference called COMMON for IBM Sys/36, Sys/38 and AS/400 (they were called mini computers at the time). These machines are now called the I-Series line (until they change the name again).

Anyway, we would learn all about specific software, the OS/36/38/400 operating systems, RPG/400, Security, Customer Support, etc.

Certainly I attended the classes I was sent to attend, but I always caught several sessions from the Professional Development track.

These sessions called to my soul, they helped me believe in myself when I needed it. They are designed to help me be a better, more professional employee/consultant.  I still think back to things I learned then and other similar classes I have taken since then.

So here is the first installment of a category that I am going to also call Professional Development.

This is a wonderful message from TED Talks/2012.  It was published to YouTube in Oct 2012.

Amy Cuddy brings to light a great idea to chew on.  Fake it until you become it.  If we only present ourselves as we currently are, we would never grow, nor make any progress in our careers.  

I have seen this in many instances in business, where someone is promoted from within to a management position.  This person's peers say "That is just Sam (or Sally) how can they lead us?"

So I watch Sam/Sally step up to the plate and act the way they have seen other managers present themselves.  Are they true managers yet?  Probably not.  But they persist and eventually they BECOME a manager.

This reminds me of the movie Remember the Titans.  The lead quarterback is injured and they had a backup QB, but he had never really acted as the leader on the field.  They put him in and tried to give him advice on how to lead and he says, "I've got this taken care of."

Then he runs out there and tells everybody to buck up and let's get serious, it's time to work!  And off they go.  I think he had some leadership skills, but no one on the team had seen them before, so he just went out and "faked it."

But enough about that,  Listen to Amy Cuddy.  She shows simple everyday ways to bring out our best self.  I'll include more on Body Language in upcoming posts.


Please leave a comment and let me know if this is beneficial and if you'd like to see more content of this type.

Thanks, 

Talk to you soon!