Shankar Ganesh

Just another WordPress site

7 Password Don’ts

with 24 comments

ADVERTISEMENTS



Okay it’s a cliche ;) but let me tell you again :D . Here are my tips:

  • Don’t use phone numbers, birthdays, names of your friends, relatives as a password.
  • Don’t use dictionary words for a password – this is very important.
  • Don’t just use alphabets. Always mix up numbers and symbols, uppercase and lowercase letters.
  • Don’t use the same password for all your online accounts.
  • Don’t have the same passwords for a long period of time. Make sure you change them in a regular time interval.
  • Don’t write down your password.
  • Don’t reveal your password to your friends and family.

If you have anything to say, add your views in the comments!

Written by admin

June 5th, 2007 at 11:51 am

Posted in security,tips

«
»
  • Jacob

    I reveal my passwords to my friends and family at times. They’re just so weird that they wouldn’t possibly be able to remember them.

  • http://blog.sapauljoseph.info/ Srinivasan Paul Joseph

    The Problem with keeping so many passwords is again the problem of forgetting them. Then, I would suggest, one solution to the problem.

    Keep the Passwords in a pattern. In a pattern according to the Website or User Name you have in that website. In that way, you will remember the website. That’s how I do it.

  • http://www.benh.org/techblog benedict herold

    Srinivasan, that is were ‘forgot password’ optiong comes in handy :-) I almost use it across every site :D lol!

  • https://www.passpack.com Tara (PassPack)

    @Jacob
    I hope your kidding. :)

    @Srinivasan
    A better solution would be to use a password manager. Here’s a post I wrote about the types of home grown forumlas you mentioned:
    http://passpack.wordpress.com/2007/06/04/choosing-passwords-long-is-strong/

    @benedict herold
    Sending passwors via email isn’t safe. More info here if you want it:
    http://passpack.wordpress.com/2007/02/06/dont-click-the-lost-password-link/

    I’m a founding partner at PassPack, so I clearly have a product bias. But there are *plenty* of password managers out there. Most are free, like PassPack. So pick a product you trust. Then use it.

    Cheers,
    Tara Kelly
    PassPack founding partner

  • http://fresh-perspectives.blogspot.com pearl

    hmm i have also revealed my pwd to family sometimes :) but I make it a point to change them everytime! but I confess: at times I am too busy and have had same pwd for many sites..

    im gonna change all today..:D

    good reminder Shankar .. thanks!

  • http://www.shankarganesh.com/ Shankar Ganesh

    Jacob: Like Tara said, I hope you’re kidding :D
    Srinivasan: That’s a good suggestion. I too follow a pattern for passwords. Thanks.
    Benedict: I also use the Forgot Password option quite a number of times, but I know I shouldn’t ;)
    Tara: Thanks for those links. They’ll really prove useful. And I think you were not biased. Atleast you said “plenty of password managers are available” :D
    Pearl: You’re welcome, Pearl. Make sure you don’t forget your passwords :)

    Thanks all for stopping by! :)

  • http://www.tecfre.com kanak

    good tip. Thanks for sharing :-D

  • http://www.sizlopedia.com Dj Flush

    # Don’t use the same password for all your online accounts.
    # Don’t have the same passwords for a long period of time. Make sure you change them in a regular time interval.
    # Don’t write down your password.

    Ok I Fail badly at all of them lol

  • http://16secrets.com/7-conseils-pour-choisir-un-mot-de-passe/ 7 conseils pour choisir un mot de passe

    [...] En choisissant un mot de passe trop facile à identifier, les risques de fraudes augmentent. Shankar Ganesh nous propose dans ce billet 7 conseils pour choisir un mot de passe [en]. Shankar m’a gentiment permis de traduire ces quelques conseils. Les voici [...]

  • http://www.whoismadhur.com Madhur Kapoor

    “Don’t use the same password for all your online accounts” . I fail at it too .

  • http://www.nirmaltv.com Nirmal

    Nice one. I too fail in many, but not saying in which all.. :D

  • http://www.pallab.net Pallab

    I hate changing passwords. Invariably I forget to change passwords at some websites, and then while logging in that creates problems as I use a different system (to generate my password for each website) each time.

  • https://www.passpack.com Tara (PassPack)

    @Shankar Ganesh
    RE: At least you said “plenty of password managers are available”

    Thanks, I do my best to be fair. It’s hard considering my position. I always sign myself with the company name so that people don’t think that I’m trying to pretend to be unbiased when I’m not. But as soon as I mention PassPack, I run the risk of sounding like a commercial… it’s a fine line to walk.

    Always glad to chip in though! :)

  • http://www.shankarganesh.com/ Shankar Ganesh

    Thanks for your comments, all.
    I too fail at this:

    Don’t use the same password for all your online accounts

    :P

  • http://blog.sapauljoseph.info/ Srinivasan Paul Joseph

    Well, I should say, there are loads of Password Managers out there. But the one I liked very much and use every day is AI Robo Form. Which you can get free version and paid version also at: http://www.roboform.com/

    I do always keep patterns of Password for my own remembrance and also use this tool to manage my Passwords and Identity.

  • https://www.passpack.com Tara (PassPack)

    Yup, Roboform is a very popular product. You can store up to 30 passwords for free (not sure if there is a limit on notes). The only real issue is portability. You can purchase Roboform2Go, but it requires that you carry a USB keychain with you wherever you go.

    I’ve never been a Roboform user, but I have used offline passwords managers on a USB stick in the past. These fall short when you “forget” the stick and (Murphy’s Law) that happens to be when you need it most.

    An online password manager’s primary advantage is that you can access it 24/7 via internet. No USB.

    Here’s an Online vs. Offline comparison:
    http://passpack.wordpress.com/2007/01/29/online-vs-offline-password-managers/

  • http://sankaranand.com/blog/ SankarAnand

    i too follow a pattern for passwords

    but my passwords contain alpha numeric with irregular combination so they are hard to guess less i tell them

  • http://www.shankarganesh.com/ Shankar Ganesh

    Some reviews of password managers are coming soon. So keep tuned!

  • http://technixupdate.com abhishek bhatnagar

    nice post make sure to include some…online password managers…also in ur review n ping me when ever u write that post.

  • http://www.shankarganesh.com/ Shankar Ganesh

    Sure, Abhishek :)

  • http://blog.shankarganesh.com/2007/07/03/june-round-up/ June Round-up — Shankar Ganesh | Tech Blog

    [...] 7 Password Don’ts – Security Things that you mustn’t do regarding your passwords [...]

  • http://contents-magic.com/ WordPress Advice

    I want to add that its a good idea to keep an undocumented password creation system for different sites. It is specially important not to use the passwords of your email accounts while creating online account.

  • http://www.shankarganesh.com/ Shankar Ganesh

    @WordPress Advice: That’s a good tip.. Thanks for sharing.

  • googler

    Good one.

    And if you have problems making hard passwords and storing them in a safe place there are password managers. Just be sure to backup your date.