These short, hard-to-read passwords look complicated to humans but very very simple to computers.
Its a program that automatically runs through massive databases of common passwords or random combinations of characters.
The best answer to that is a very long string of words.
As the webcomic xkcd famously pointed out,a bunch of plain words is pretty good.
Dont use a common phrase
But dont use the same bunch of plain words as everyone else.
When in the course of human events is a shitty password.
And dont get clever with thematic or personally meaningful passwords.
But they wont warn you about common guessable phrases, like those Bible verses.
Of course, typing your passwords into unfamiliar sites is a bad habit.
Youll pick something memorable, which will limit your options, and a computer will guess it.
Instead, get your system to make and remember your passwords for you.
This is the only reliable but convenient way to manage the vast quantity of passwords that modern life requires.
The current best in class is1Password.
There are several otherfantastic, full-featured password managersfor Windows and OS X, beloved by Lifehacker staff and readers.
All these apps will create and remember your passwords.
And all of them tell you how secure each of your passwords are.
Some even alert you when the services you use get hacked, whether or not you were personally exposed.
Of these top picks, the most distinctive is the open-sourceKeePass.
Cloud-based services like 1Password and LastPass are more vulnerable to remote attacks.
Dont write MASTER PASSWORD on it.
Dont forget your master password, or you could be completely and utterly screwed.
Dont store passwords in your internet tool
Those can get hacked, too.
Some of Operas saved passwordswere partially hacked last year.Even Google accountsare vulnerable.
(Ironically, by lowering the number of possible passwords, these rules make them easier to crack.)
First generate a random, secure password with your password manager.
Then amend that password as minimally as possible to comply with the services specific rules.
Weve coveredhow to create a memorable passwordif you absolutely have to.
Theres just no reason to make up your own password.
But not all two-factor is equally secure.
Dedicated authentication apps are a lot safer than just getting a code over SMS.
But both are safer than a password alone.
Dont ruin all this by using security questions
Security questions?
More like insecurity questions!
Im fun at parties.
Instead, you want to pick wrong and uncommon answers.
What high school did you go to?
Whats your mothers maiden name?
(Its also a decent strategy for picking that one master password that you have to memorize.)
Remember, everything is broken
Passwords are bad and dumb.But so is everything else.
Fingerprints can be stolen, two-factor texts can be rerouted, keys can be copied.
Some day everything will move onto a new security system, and youll have to adapt.
Thats the price we pay for putting our lives online.
