Don't Be a Bad Pa$$w0rd Maker

By Benjamin on Thursday, August 27, 2009

I saw this "awesome" (sarcastic) idea today on a site (see Passwords on Floppy Disk) and decided it was time to discuss the importance of secure passwords.

When an IT guy, such as myself, sits down in front of someone else's computer and is prompted for a password, he is already brewing up various possibilities in that little brain of his. The first thing that always comes to my mind is "password," followed by variants of it, such as "password1" or "password2." If these don't work, I usually move on to names of spouses, boyfriends, girlfriends, cats, dogs, and then to birthdays and phone numbers. I could go on, but I don't want to give away the secrets of the Interwebs.

Why am I telling you all of this? My point is that people are stupid when it comes to picking their passwords. You know those little things that tell you how strong your password is? Those aren't there just to tell you that your password stinks; they're there to tell you to try something else. Your password could be used for something as important as online access to your bank account. Do you really want random people getting into that? Some people are fixated on certain words that they just "have to use." My suggestion to them is to use those words (if they have to), but spice them up a bit.

What do I mean? Let's say you're obsessed with the word "porpoise," and you just can't imagine a password without it. I'd tell you to replace some of the letters with look-alike numbers or symbols, capitalize at least one letter, and add a number or two. Remember, it's important to make your password something that you'll remember. Don't try to make one so amazing that even you can't remember it. That defeats the whole purpose.

Here's the potential I see in the word "porpoise"...

1. P0rp0ise
2. Porpoise613
3. porP0!se

You see where I'm going with this? How many people, even if they know of your obsession with porpoises, will ever guess porP0!se? Not many. And especially not people who are as bad at making passwords as you once were. I say "once were" because I have now elevated y'all to level 2 pass-gicians. Oh yeah, you read that right... Pass-gicians. Password Magicians. Look it up. It's real. How awesome do you feel now?
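As an added example (not part of the original post), here is a small Python check built from the two lists above: the first guesses an IT guy tries, and the three-part recipe for spicing up a favorite word. The function names and the sample personal items are made up for illustration, and the look-alike table holds only the substitutions that appear in this post.

```python
import re

# Look-alike substitutions that appear in this post: P0rp0ise, porP0!se, Pa$$w0rd.
LOOKALIKES = {"0": "o", "!": "i", "$": "s"}

def is_first_guess(password, personal_items=()):
    """True if the password is one of the post's first guesses: "password" or a
    personal word (spouse, pet...) with optional trailing digits, or a bare
    birthday / phone number typed with or without separators."""
    lowered = password.lower()
    stem = re.sub(r"\d+$", "", lowered)            # "password1" -> "password"
    only_digits = re.sub(r"\D", "", lowered)
    for item in ("password", *personal_items):
        item = item.lower()
        if re.search(r"[a-z]", item):              # a word or a name
            if stem == item:
                return True
        elif not re.search(r"[a-z]", lowered):     # a birthday or phone number
            if only_digits and only_digits == re.sub(r"\D", "", item):
                return True
    return False

def recipe_report(base_word, password):
    """Report which ingredients of the recipe the password uses, and whether
    it still maps back to the word you are supposed to remember."""
    body = password[:len(base_word)]               # the spiced-up word itself
    tail = password[len(base_word):]               # anything tacked on the end
    restored = "".join(LOOKALIKES.get(c, c) for c in body).lower()
    return {
        "based_on_word": restored == base_word.lower(),
        "lookalike": any(c != b and LOOKALIKES.get(c) == b.lower()
                         for c, b in zip(body, base_word)),
        "capital": any(c.isupper() for c in password),
        "added_number": tail.isdigit(),
    }

def review(base_word, password, personal_items=()):
    """Combine both checks into one result for a candidate password."""
    report = recipe_report(base_word, password)
    report["first_guess"] = is_first_guess(password, personal_items)
    return report

if __name__ == "__main__":
    # Constructed sample data: a pet name, a birthday and a phone number.
    personal = ("Rex", "06/13/1985", "555-0142")
    for candidate in ("password1", "Rex", "P0rp0ise", "Porpoise613", "porP0!se"):
        print(candidate, review("porpoise", candidate, personal))
```

Run against the three options above, none of them is a first guess, and each one uses two of the three ingredients while still mapping back to "porpoise."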

If you'd like help making a rock solid password, you can always email me your options and I'll be happy to assist, LoL. That was a test. A true pass-gician would never fall for such a trick, especially not one who's a level 2. That's another thing, people: don't share your passwords. Your boyfriend might not always be your boyfriend, and a best friend might turn on you one day. You don't want your super well-thought-out passwords getting out into the big bad world of the Interwebs. You gotta be careful.

I hope this has helped enlighten some of y'all to the importance of good password making. Think before you make one. And for the sake of all that is good and glorious, please don't write it on a post-it and stick it on your monitor. That's just dumb and will result in losing your level 2 status.

Signing off, <--- get it?

Emperor of the Pass-gicians

First of all, the password in the floppy disk is awesome (not sarcastic). It's a great hiding place. If you're smart enough to put a password there, you should be at least a level 1.5 pass-gician.

Second, I know that in my place of business, if someone calls and says they're from IT, the user will always give you their password.

Normal conversation would be:

"Hello, this is the Ruler of the Interwebs. Can I have your password?"
"[click], [dial tone]"

Instead, it goes:

"Hello, this is the Ruler of the Interwebs, from IT. Can I have your password? Your computer is having issues, and I need your login information to fix it."
"Oh, sure. It's password. And welcome to the company. I have no idea who you are, but I'm sure you'll do fine!"

My company is a level -10 pass-gician institution.

Also, where can I take the test to become a level 3 pass-gician?

Posted on August 27, 2009 at 1:15 PM  

Only the Emperor of the Pass-gicians can grant such a thing. Your company saddens me, but it's funny, cuz it's the same thing where I work. A buncha dolts if you ask me.

And yes, the floppy disk is great, but my point is that you should base your password on a word you'll remember and then make it more complex. Posting it somewhere near your computer, hidden or not, is just stupid.

Posted on August 27, 2009 at 1:24 PM  

