(Updated April 2014)
Yeah, I know. I really dated myself with that title.
Still, if we are going to protect our kids, we need to understand and act on the need for “strong” passwords. It also protects Mom and Dad!
Ask yourself this: Would I want to have a front door key that matched a lot of locks installed on the front doors on my street? Of course not! That’s because their keys would then work on MY FRONT DOOR, too!
I want a key that is “special” or “unique”.
The same should hold true about the passwords you use, both on your PC and on the Internet.
The problem is, too many people are using the same passwords, and they are (forgive me) STUPID PASSWORDS! I mean, let’s just look at the Top 10 (clean) Passwords in use on the Internet as reported by SplashData (Dec 2011):
- 123456
- password
- 12345678
- qwerty
- abc123
- 123456789
- 111111
- 1234567
- iloveyou
- adobe123
Now, you may think you’re the only one on the entire planet that thinks of using “letmein”, but there are, apparently, millions of like-minded people. And, “dirty” passwords are just as common, so don’t create passwords using swear words or well-known sexy terms either.
So what is a person supposed to do?
Well, to start with, a good, “strong” password has the following characteristics:
- It is at LEAST 8 characters in length
- It has a mixture of letters and numbers
- It has a mix of lower case and capital letters
- It should have at least one “special” character, if the site/account allows them, such as @#$%^& (Nope, that is NOT swearing!)
- Ideally, it should contain no words found in the dictionary (but that may not be feasible for many of us)
You also do NOT want to have one password for all your accounts. To be blunt, that is foolish. Instead, you need to have a system that you can use to remember many unique passwords, easily!!! That way EVERY account can have a unique password. If one is compromised then the others remain safe.
So, how do you go about developing such a system for all your passwords? You get out some paper and a pencil and start experimenting. Here are some steps:
- Pick a word or phrase, creating a seed term, or “core” password. This is the “core” of your password system. It should be something unique to you with letters and numbers (remember, some systems won’t let the 1st character in a password be a number). It could be based on an old address, school, occupation, job site, favorite Bible verse, sports teams, authors, etc. Here are some examples:
  - Jer2911 (favorite Bible verse)
  - pearst1234 (old address)
  - F18Cbugs (old plane you used to fly)
  - Apple0312 (years you worked for Apple, 2003 – 2012)
  - GoIrish72 (College team + entry or graduation year)
  - Panda123 (Favorite zoo animal and a string of numbers)
  - USSCVN77 (USS + Navy ship designation for the USS George H.W. Bush (CVN-77))
  - Cowboys95 (Sports team and last time they won the Super Bowl!)
- If you want to make it even stronger, or if the web site requires “special characters”, then you can replace some letters with numbers or allowed special characters. Capitalize a designated letter in each word (1st, last, 3rd, 6th, etc.):
  - o (oh) >> 0 (zero) (Yep, those are two different characters there!)
  - 1 >> l (el)
  - l (el) >> 1
  - a >> @
  - s >> $
  - SPACES >> %
EXAMPLES:
gonavyandmarines81 >>>> G0N@vy@ndM@rine$81
beatarmy81 >>>> Be@t@rmy8l
- Test your term/phrase with the PASSWORD METER at http://www.passwordmeter.com. The examples, above, went from being GOOD (53%) to VERY STRONG (100%) on the meter.
Once you have a strong core password, then you need to devise a system that customizes your core password for each account. One easy way is to just add more characters to the beginning or end that identifies the account.
EXAMPLE:
- You need a password for your cable bill with ATT UVERSE and your core password is Blackie33
- Your system has you add certain letters (by position) of either the company name, web site, or the logon username, to the beginning or end of the core password.
Examples: Blackie33tt would be the full password if you were adding the 2nd and 3rd letters of the company name to the end of the core. You would have tuBlackie33 if you were adding the 3rd and 4th letters to the beginning of the core.
Now, here is a great thing about such a system: All you have to remember or write down is a code for your system plus the core password! For instance, in the above example, if you were using the 2nd and 3rd letters at the end, such as for , you would only have to remember or write down this: “core+23”. The “code” for tuBlackie33 would be “34+core”. When you need to change the password, you could just change it to core+43 (reversing the letters from “tu” to “ut”, or other letter combinations). Or, you could just change the core and leave the overall system the same.
The complexity of your system only depends on how strong and secure of a password you want, and how much damage you can take if the account is compromised. (Remember, if Target and other big companies can be hit…..)
Some would argue with me on this, but there are some passwords that I feel don’t necessarily need to be bullet-proof. These may include my logons for my library account, the school district’s grade system, my account on ESPN.com, etc. Then there are other accounts that need LOTS of security such as my e-mail accounts, bank accounts, insurance company, and bill-paying accounts. Also any accounts like amazon.com and my iTunes account where I make purchases and have credit card info stored use the stronger passwords. Anything to do with money and finances MUST BE VERY STRONG! Also use the strongest passwords for any accounts that access/require sensitive personal info, like your Social Security Number.
So, what do you do? Have two or more core passwords with a special, VERY STRONG core for those accounts that need it. Other “normal” accounts might have a strong, but less complex (i.e. easier to type) core. Plus, for legal reasons you might want to have a completely different system/core for your work accounts. That might make 3-4 systems you have to keep track of, or 3-4 cores, but that’s a LOT easier than not having systems.
Now, what about your basic computer logon for Windows or Mac? These rules also apply, because you don’t want your kids to get into your account, but they can be a little simpler, unless you’ve created a little hacker. You can use similar systems, but, pick a core password that your kids will never guess. If you really want to defend against them, make it racy or romantic: Kids can’t go there with parental passwords. But make sure that it is at least STRONG!
So, how do you remember all these, anyway? Well, if you are systematic, you should be able to remember the CORE PASSWORD fairly easily. Then, use a single system for add-ons or create a list of logons and REMINDERS that will help you remember the add-on. DO NOT write down the actual core passwords or add-ons, and (don’t laugh) NEVER write down a password and put it on a post-it and then stick it on the monitor or under your blotter (I’ve seen this…a lot). Only use REMINDERS that are meaningful to you and you alone. Maybe you can get a small spiral-bound book to list them and keep it safe.
EXAMPLE: Your ACCOUNT LOGON may be Falcon78 (your high school mascot and the year you entered high school). Your system may be CORE+25. So your reminder can be “Logon: Birdyy PSWD: Core+25” Only YOU know the meaning of those hints. Falcon78 could be a standard LOGON that you use, as well. You can even apply the password system concept to LOGONs and USERNAMES.
With a well thought-out system all you have to remember is the core password and the system you choose! Once you get the hang of it you will find that it is quite easy. The trick is to find a system and a core that works for YOU!!! This way you can easily manage 100’s of passwords, and still meet security requirements.
Last, but not least, remember to change your passwords regularly. Financially-related core passwords should be changed at least every 90-120 days. I like to change all of my other core passwords annually. The great thing about having a system is that it makes doing these changes much easier. You only have to remember the SYSTEM that you adopt.
Here are some sample systems/notations for systems you can try:
- CORE+12 (core + 1st and 2nd letters of the account/site)
- CORE + 21 (core + 2nd and 1st letters of the account/site)
- 35+CORE2 (3rd and 5th letters + core2, a new or more secure core)
- 41+CORE (4th and 1st letters + core)
- CORE + L2L4 (the 2nd and 4th from the LAST of the account name, hence the “L” designator for “LAST”)
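The reminder notation above, together with the ATT UVERSE walk-through earlier, can be written out as a short Python sketch. This is an added example, not code from the original post; the function names, the rule that only letters count as positions (spaces and digits are skipped), and the `core2` entry you would supply are assumptions made for illustration. It also reports which items from the strong-password checklist a derived password still lacks.

```python
import re
import string

def pick_letters(account, spec):
    """Letters of the account name selected by a spec such as '23' or 'L2L4'."""
    # Assumption: only letters count as positions; spaces and digits are skipped.
    letters = [c for c in account.lower() if c.isalpha()]
    spec = spec.upper()
    if not re.fullmatch(r"(?:L?[1-9])+", spec):
        raise ValueError(f"bad position spec: {spec!r}")
    picked = []
    for from_last, digit in re.findall(r"(L?)([1-9])", spec):
        pos = int(digit)
        if pos > len(letters):  # short account names run out of letters
            raise ValueError(f"{account!r} has no letter {pos}")
        picked.append(letters[-pos] if from_last else letters[pos - 1])
    return "".join(picked)

def derive(reminder, account, cores):
    """Expand a reminder such as 'core+23' or '34+core' into the full password."""
    parts = [p.strip() for p in reminder.split("+")]
    if len(parts) != 2:
        raise ValueError("expected exactly one '+'")
    left, right = parts
    if left.lower() in cores:      # core first, letters appended
        return cores[left.lower()] + pick_letters(account, right)
    if right.lower() in cores:     # letters first, core appended
        return pick_letters(account, left) + cores[right.lower()]
    raise ValueError("reminder names no known core")

def missing_traits(password):
    """Characteristics from the post's checklist that the password lacks."""
    checks = {
        "8+ characters": len(password) >= 8,
        "letters and numbers": any(c.isalpha() for c in password)
                               and any(c.isdigit() for c in password),
        "upper and lower case": any(c.islower() for c in password)
                                and any(c.isupper() for c in password),
        "special character": any(c in string.punctuation for c in password),
    }
    return [name for name, ok in checks.items() if not ok]

if __name__ == "__main__":
    cores = {"core": "Blackie33"}  # core taken from the post's example
    for reminder in ("core+23", "34+core", "core+43", "CORE + L2L4"):
        pw = derive(reminder, "ATT UVERSE", cores)
        print(f"{reminder:12} -> {pw:14} missing: {missing_traits(pw)}")
```

Run as a script, it shows that every password built on Blackie33 still lacks a special character, so the substitution step has to be applied to the core itself.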
So, find a system that creates good, STRONG/VERY STRONG passwords and have fun!
You may also want to check out these articles on the web:
Create Strong Passwords (Microsoft Site)
Password Strength (Wikipedia)
How To Make Strong, Easy-To-Remember Passwords (CNET)
What systems have YOU developed? Share with us in the COMMENTS section, below!