Everything You Need To Know About Passwords

Passwords are important and most people don’t know enough about them. How do you choose a strong password, use a unique password everywhere, and remember them all? How do you secure your accounts so you’re safe even if someone discovers your password? How do you protect your files and operating system — and what if you ever lose a password? We’ve covered all this and more over the years.

Be sure to read our password management guide for an in-depth overview to everything from choosing strong passwords to picking a password management technique and setting up two-factor authentication.

How to Create Good Passwords

All the password tricks in the world won’t help if you’re using a bad password everywhere. You should choose sufficiently complex passwords that can’t be easily guessed — anything based on a name, birthday, or dictionary word is terrible. Passwords should ideally be fairly long and contain numbers as well as symbols. For help coming up with good passwords and for an overview of ways to deal with all those passwords, read these articles:

xkcd password strength comic4   Everything You Need To Know About Passwords

Password Managers

Not only should you use a long password containing numbers and symbols, you should use unique passwords everywhere. It’s practically impossible to remember enough different, strong passwords for all the services you use without some tricks. One of the best tips is to use a password manager, which will generate strong passwords and remember them for you. We’ve covered a variety of password managers, including the cloud-based LastPass and the open-source KeePass desktop application.

lastpass menu 2   Everything You Need To Know About Passwords

Using Two-Factor Authentication

Many services allow you to go beyond passwords, requiring a second code to log in. If someone discovers your password, they wouldn’t be able to log into your account without the second authentication method. A variety of different services support two-factor authentication, including Google, Facebook, Microsoft, Dropbox, Evernote, Twitter, and many other popular services. Read these articles for tips on setting up two-factor authentication:

google two step verification   Everything You Need To Know About Passwords

Password-Protecting Files With Encryption

Encryption effectively allows you to password-protect your files. The encryption key functions as a password, which must be entered before your data becomes readable. If someone doesn’t have the encryption key, the files will appear as random gibberish. This is useful when storing financial information and other sensitive data or transmitting it online — email is insecure, so you shouldn’t send sensitive documents over email. There are other ways to password-protect your files, such as password-protecting a USB stick or encrypting your hard drive. For more tips on securing your files with encryption, read:

image58   Everything You Need To Know About Passwords

Password-Protecting Your OS and BIOS

Websites and files aren’t the only things that can be password-protected. Securing your operating system with a password will ensure that other people can’t easily gain access. You can also password-protect your computer’s BIOS to prevent people from changing its settings or booting unauthorized operating systems from USB sticks, CDs, and DVDs.

CreativePassword01   Everything You Need To Know About Passwords

Recovering Lost Passwords

If you’ve forgotten a password, you aren’t necessarily out of luck. There are ways to recover or reset lost passwords, so you can log into your computer or web account. Note that you can’t recover a password for encrypted data — the password functions as a key, and you can’t unlock the encryption without that key. If you lose your encryption password, your files won’t be accessible.

windows forgotten password wizard   Everything You Need To Know About Passwords

Alternatives to Passwords

Passwords can be inconvenient. People are constantly looking for easier ways to log into devices and services. From pattern locks and picture passwords to security mechanisms that rely on capturing a photo, scanning a fingerprint, or using Bluetooth, you can log into your devices in other ways:

windows 8 picture password setup   Everything You Need To Know About Passwords

Do you have any other password-related tips or tricks to share with us and your fellow readers? Leave a comment below!

Image Credit: Password Strength comic by XKCD

The comments were closed because the article is more than 180 days old.

If you have any questions related to what's mentioned in the article or need help with any computer issue, ask it on MakeUseOf Answers—We and our community will be more than happy to help.

15 Comments -

Craig C

that first bit with the “hard” to guess password was a terrible idea (the horse staple one) your password should never be made up of all real words, that makes it super weak, not only to people trying to guess it manually but a dictionary attack could find that password in no time at all.

Prosthetic Lips

Sorry, a dictionary attack is super effective if you just use a single word. However, how many combinations of words is a hacker going to try? They won’t know how many words you use, and there are millions of unique words to try (one estimate is a quarter million words without plurals, prefixes, etc.). You could even use a proper name to completely lummox the whole thing.

Chris Hoffman

It may not be ideal — correct h0rse batt^ry st24ple would certainly be a more random password — but the point is that longer, more complicated passwords in general are a good idea. “Correct horse battery staple” is a better passowrd than “h()rs4″

Navanski

Coming from Wales and having a good knowledge of Welsh place names really helps with password generation. For instance, but I don’t use it, I used to live on Rhyd-y-penau Road.

Jurmy C

Maybe I’m a little skeptic but i do not trust any kind of Pass Manager application unless u develop it your self or you can check if the application does not have any kind of key logger/history etc ; all you need is imagination , a piece of paper and a pen. Creating your unique password is not such a hard thing to do.

Guy M

You can use a protected spreadsheet to do this. Maybe not quite as handy as the password managers, but it’ll do the job.

Prosthetic Lips

I use KeePass — open source, so you can see all of the code, and there are implementations on several devices. So, I can sync the password file to my phone (or DropBox it), and have my passwords at my fingertips on different devices.

However, I concur, you don’t want to use something that has no visibility into the code, or has not been verified by someone you trust, since you have to trust that they are not going to just steal your passwords somehow.

Chris Hoffman

Yes, KeePass is the ideal option if you don’t trust LastPass. It’s open source.

merhawk

I’ve used the same password manager for over 10 years (ewallet from ilium). Wouldn’t still be around if it wasn’t completely secure. Use it on all of my devices too.

GF

“I always forget my password. So I called it “wrong”. In such way, when I log in but I don’t remember my password, it’s the website to remember it for me: «Your password is wrong»”.

(from “Paperoga Style”)

Chris H

Really liking 1Password for pw management. Plus the dropbox sync and browser extensions make it very easy to use.

Ben Freeman, J.D.

Ya’ can’t beat Last Pass!!! The best; and free!!!

sandip_chapagain22@yahoo.com

txxx

Matt Acton

I wrote up a guide for how I tend to generate a secure password. Some might fund it useful to provide inspiration for their passwords. I have often wondered though if that was the same method used to come up with Welsh place names! :-)

http://www.babblingengineer.com/how-to/how-to-generate-a-secure-password/

+1 for LastPass too

Tony

Thanks for your informative article! I am using KeePass to keep my online logins. But there is not a program to store the Windows login password, except writing down it on paper. Luckily there is a program called PCUnlocker which can help me remove forgotten OS password when I forgot it.