Topic number one – PASSWORDS

We all have them, we all use them, most of us don’t like them very much. Those of us who work in technology have even more complex relationships with them.

My opinion is that we’ve not handled passwords very well, and that their value as a security mechanism is continuing to diminish.

All sorts of “worst password” lists are compiled annually. Here’s a link to one that I do NOT vouch for or control the content on –

Passwords I still see at least once a month being used for something technology related –

– password
– password123
– default
– letmein
– football
– 123456789

If you utilize any of these passwords for any of your devices, accounts, email addresses, etc., I implore you to stop. It’s not even a speck of security.

Without trying (and absolutely failing) to explain mathematical principles like entropy, I can offer this MOST important piece of advice about passwords –

“The longer the password the better/more secure it is”

There are obviously exceptions to this. An 18-character password that is all the character x is NOT secure, for example. Common phrases or well-known quotes will be easy to break.

But, if you choose 4 or 5 words that are not normally associated with each other AND are easy for you to remember then you have a MUCH more secure password. Here’s a visual aid from the excellent online comic xkcd –

Other suggestions are to include things like words from another language, portions of an old locker combination, etc. Avoid public data like SSN, date of birth, high school graduation year, and so on.
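To put rough numbers on the length advice and its exceptions, here is an added example (not part of the original post). It assumes the words are picked at random by the computer, which is the only case the bit count describes; the word list, function names and thresholds are constructed for illustration.

```python
import math
import secrets
from typing import Optional

# The passwords this post lists as still being seen every month.
COMMON = {"password", "password123", "default", "letmein", "football", "123456789"}

# Constructed sample word list (assumption). A real list should be much larger,
# for example a 7776-word diceware-style list.
WORDS = ["locker", "violin", "glacier", "pepper", "tundra", "anchor", "maple", "comet",
         "saddle", "quartz", "ferry", "lantern", "badger", "ribbon", "orchid", "cinder"]


def random_bits(choices: int, picks: int) -> float:
    """Entropy in bits of `picks` independent, uniform picks from `choices` options."""
    return picks * math.log2(choices)


def make_passphrase(n_words: int = 5, words=WORDS) -> str:
    """Pick n_words at random with a cryptographic RNG (the post suggests 4 or 5)."""
    return " ".join(secrets.choice(words) for _ in range(n_words))


def weakness(pw: str) -> Optional[str]:
    """Return why a password is weak no matter how long it is, or None."""
    if pw.lower() in COMMON:
        return "on common-password list"
    if len(set(pw)) <= 2:  # e.g. 18 copies of the letter x
        return "almost no character variety"
    return None


if __name__ == "__main__":
    for pw in ["letmein", "x" * 18, make_passphrase()]:
        print(repr(pw), "->", weakness(pw) or "no obvious weakness")
    # 8 random printable ASCII characters vs 5 random words from a 7776-word list
    print("8 random chars :", round(random_bits(95, 8), 1), "bits")
    print("5 random words :", round(random_bits(7776, 5), 1), "bits")
```
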

We could talk for days about passwords. Usage, theory, how often to change, how to store, etc. This article is meant to provide a basic starting point for people to understand how to choose good passwords to protect things, people, and resources.

Remember – Longer is better and something unique that you can remember!