We always read stories in which large online services have been victims of some security breach, which makes vulnerable to all the accounts of their customers, with the risk of being stolen, and with them all the personal information of each user.
This has happened with many popular services. Evernote, Buffer, Adobe, cloud storage services like Dropbox, etc.
The most recent and largest security flaw has been Heartbleed, a bug that makes vulnerable thousands of websites that use OpenSSL to encrypt their data.
With these types of problems we are often forced to change our passwords immediately so that no one steals our data, but there are passwords so bad, they do not need security flaws, they alone put you at risk.
It is surprising how many people use easy-to-read passwords such as “password“, “12345”, their ID number, or important dates such as their birthdays.
This should always be avoided and it is not difficult to have passwords that are secure and that you can remember, especially if you follow the tips below.
Don’t use the same password everywhere
Obviously if you use a simple password to guess and also put it in all the services you have on the Internet, your data will be in danger once someone guesses it.
So, you will need to create different passwords for all services and the ideal for this is to create a formula that works just for you.
Create your own password formula
To be able to remember all the passwords you are going to create, it is important that you invent a completely unique formula that complies with three rules: that is hard to guess, that has all kinds of characters, and that you can relate it to something so that it is easy to remember. For all this to be possible there are several things you can do; let’s see some going.
Do not use personal data
It is very important that you avoid the use of data that anyone can discover just by looking at your Facebook profile.
However, there are data that will still be personal and that you can use, but that is not in the public domain or that you consider uncommon.
For example, if one of your favorite things is the TV series, you can use the name of several programs you like to create passwords by mixing them with other data.
Another great idea is to memorize patterns on the keyboard, but it will also depend on how good your visual memory is.
It would be like remembering a long pattern to unlock the phone only on a computer keyboard.
This way you’ll always make the same movements and it really won’t matter which characters you include, as long as they have numbers, letters and symbols.
Use the name of the service to remember them
So that all passwords are different but you can remember where each one goes, you can use the name of the service in your personalized formula.
For example, let’s say you’re going to create a Yahoo account to use email.
Then you could define that the password for this site includes something that identifies it, like the first and last letter (which would be “me”) or just the vowels (which would be “aoo”), and complete these letters with the rest of your secret formula.
Numbers instead of letters
A secure password must include all types of characters and one way to do this is to convert certain letters to numbers that have a similar shape.
For example, let’s say you chose the phrase “I WANT TO USEYAHOO” as your password to create an account at Yahoo.
To make it safer, you can enter numbers by changing certain letters, which would make you have something like this: “Y0Qu13R0Us4rY4H00”. It seems to be written by a teenager in a photolog, but it will be worth it because it will greatly increase your security.
The password above is pretty secure because it includes numbers, upper and lower case letters, but what about symbols? For this you can use symbols creating even emoticons in the password.
For example, you can take the one we already have, “Y0Qu13R0Us4rY4H00“, and add something like this at the beginning and end: “Y0Qu13R0Us4rY4H000/0/0/“ or perhaps “Y0Qu13R0Us4rY4H00.m(><)m”. You immediately increase the number of characters and have used the three necessary types.
If all else fails, use a password manager
These applications usually only make you remember one password and the others are created and stored by them to be used when you need them. The good thing is that you’ll get very long passwords, full of all kinds of characters and, of course, very strong.
More options to generate secure passwords
KEEPASS PASSWORD SAFE
When it comes to thinking of some of the best programs to create secure passwordsKeepass always appears as one of the most effective.
Not in vain is one of the most popular environments on the Internet. Keepass is based on an open-source software project (GPL), so it is even possible to see the source code on which it is based (without cheating or cardboard).
It is possible to choose between two different editions; KeePass 1.x or KeePass 2.x (KeePass 1.x has less functionality but is offered in a portable version that we can take with us on any skewer or USB disk).
If you use Windows platform, any of the versions is compatible (if not, with KeePass 1.x you must use Wine and with KeePass 2.x any environment compatible with the Mono environment).
As far as protection is concerned, in both cases they offer SHA-256 hash algorithms based on Rijndael (the fastest), although KeePass 2.x -the latest version published is 2.24-, supports GZip compression, scripting to automate processes, and supports more formats when importing previous data from other environments.
Although it is installed in English by default, once the chosen version has been downloaded it is possible to download the translation in Spanish through this link (http://keepass.info/translations.html).
An interesting advantage is the large number of compatible extensions and plugins (http://keepass.info/plugins.html).
More information: http://keepass.info
Probably one of the most integrated environments is Roboform, as it has versions for Windows, Mac, Linux, Android, iOS or USB, either Firefox, Internet Explorer, Opera or Chrome.
The latest version, Roboform 7 includes an improved look and feel, a new, more intuitive information bar (with identifying icons on each stored site for quicker recognition).
They also introduce the Roboform Everywhere service, which takes our information to the cloud so it can be accessed from any device at any time, which is quite useful.
The operation of the tool is very simple, just have the plugin or program and every time we access a website with credentials, Roboform will ask if we want you to remember.
Once stored, it will be enough to select the resource to which we want to enter and the system itself will take charge of going to the corresponding URL, in addition to providing both username and password in an automatic and transparent way. All with a single mouse click.
In addition, Roboform also allows you to fill out forms automatically (in fact, as new fields are found it asks us once and stores it for the future).
The price of Roboform is 24.95 euros, and if we choose to add Roboform Everywhere we will have to add 8.95 euros (the first year).
More information: http://www.roboform.com/es
PASSWORD MEMORY 5
The company Code:Aero Technologies, creators of Music Label (organizer of musical collections), proposes Password Memory 5 as one of the best programs to create secure passwords.
This is an environment based on the client/server structure that allows us to store all types of keys (128 and 256 bits long).
In order to avoid “key-logger” type systems (which try to capture our credentials when we type), Password Memory 5 allows you to copy the data to the Windows clipboard.
Although it is compatible with the entire Windows ecosystem (8, 7, Vista, XP and 2000), it is also possible to carry it on the USB to make it portable (simply by selecting the corresponding unit in the installation process).
This is a very safe environment designed more for professional environments than for individual use.
In fact, it includes as standard the possibility of exporting our data, complying with the security policies established by the IT department, synchronization via FTP, or access to our data through a shared network (centrally).
Also, by purchasing the product, they offer technical support, free lifetime updates and access to the member community from around the world.
The single-user version costs $19.95, while the 25-user version costs $249 (at a 50 percent discount).
EFFICIENT PASSWORD MANAGER PRO
Continuing with the chapter on professional software to improve the security of your accounts and use secure passwords, we find Efficient Password Manager Pro, a simple utility that allows us to access any environment easily, without having to remember each of the passwords. This is a very lightweight software that uses little system memory.
If you have a large number of stored passwords, Efficient Password Manager Pro provides a search engine that allows you to easily locate any service.
For its part, in order to show its capabilities has an evaluation version of 30 days. The price is $11.97 per license (for the domestic version).
For its part, Efficient Password Manager Network Online, aimed at small and medium-sized companies with collaborative functionalities, is priced at $17.97 (with discounts of up to 70 percent, depending on the volume of licenses).
In either case, the purchase includes perpetual free upgrades and technical support via email.
GOOD IDEA TO GENERATE STRONG PASSWORDS
In any case, we remember that the use of programs to keep our passwords safe is aimed at facilitating access to the pages, but should never be the trigger to stop having an effective password policy.
To do this, the golden rule would be to have a password that is more than eight letters long, and that also includes uppercase, lowercase, numbers, and alphanumeric characters.
There are only 26^8 possible combinations for an 8-character key using only lower case, while there are 94^8 possible combinations for an 8-character key using both lower case and upper case, numbers and symbols.
This means having more than 6 trillion possibilities for a mixed password, which is much harder to guess or break with a specific program.
In this sense, a good idea is to use mnemonic rules to generate our passwords. The idea is to start from concepts that we remember in a natural way to combine them and generate more robust key.
For example we could generate a password with the first four characters of our DNI, adding an admiration, and then put the name of our mascot (with the last character in capital letters).
In this case, the password could be like this: 5043!blasteR. As you can see, the result is a fairly strong and secure password, which we can easily remember.
Finally, remember the need to change our password regularly (a good practice would be to force us to change every 60 days, i.e. 2 months).