A short password, or one using a name or a word in a dictionary, can be easily cracked by computers. And simply adding “@” for the letter “a” isn’t going to fool the bad guys.
Here’s cryptographer and computer security expert Bruce Schneier’s advice on using and managing your passwords.
1. Use a “passphrase”: a sentence you can remember. Then replace each word of the phrase with its initial, a similar digit or symbol, or, at random, use a whole word.
MY DOG NATE WOOFS AND RUNS IN HIS SLEEP
m d N8 w @ r ! h s
The new password is [email protected]!hs. (Don’t use this one, though.)
2. That may still be tough to remember. If you need to, write a reminder and hide the paper somewhere safe. But write the phrase or a hint, not the password.
3. Generally, if you have a strong password, you don’t need to change it unless you suspect you’ve been hacked. But don’t use the same one for different services.