A good password, like a good door lock, is meant to perform at least two functions—let you in, and keep others out. If it performs one of both functions effectively and fails to perform the other, it’s not a good password. Have a look at this.
Username: Conscripted
Password: xaw24bQ#!@3bZv~9-Cd7_rJq$90*+k!00#&`~0
This password is extremely good at keeping others out—others including Mr. Conscripted himself! If it were my door lock, I would be sleeping outside tonight. But then, on the other hand, let’s have a look at this.
Username: Conscripted
Password: abc123
This password will certainly have no problem letting me in, but it would let the rest of the world in right after me, or even before! If it were my door lock, I wouldn’t have anything left in my house. A good password, like a good door lock, must let you in and keep others out. In the heat of battle, break-ins are common occurrences, and your passwords are the minimum defense you have against them.
6 Degrees of Separation: How safe is Mr. President with a Password like Yours?
You might have heard of the concept of 6 degrees of separation, it states that the maximum social distance between you and any other human on earth is six people. In other words, there are a maximum of six steps in your social network between you and any other person in the world. What this means is that you know somebody who knows somebody who knows somebody who knows somebody who knows somebody who knows the Pope. And if you want to pass a personal message directly to the Pope, all you have to do is find this chain, and your message will get to him in person—from the lips of his personal friend. Now the dark side of this is, what if that message wasn’t actually coming from you but from someone with malicious intentions who successfully acted as you and followed that chain? When I first learnt about the 6 degrees of separation, I decided to investigate it personally and see if I could trace a 6-degree connection between me and the president of America at that time. Interestingly, I found it without much difficulty. If an email comes from me and follows that path, it will get to Mr. President, and it won’t be coming to him from me but from someone he knows personally and perhaps trusts greatly.
There’s a 6-degree connection between you and Joe Biden or Donald Trump or Barack Obama or George W. Bush. An email coming from you, going through the right path, will get to any of these people. So how safe is the President with a password like yours? It might seem a bit exaggerated, but your password could actually be the entry point to a national disaster. Your weak password could bring down an entire institution or cripple an entire industry! Your password could spell the difference between victims and survivors in cyberwarfare.
Another dangerous thing about having weak passwords is that an attacker could break into your email, scroll through your inbox to see the various services you are subscribed to, then go to the login portal of any of these services and request a password reset. The password reset link will be sent to your email, the attacker will come back to your inbox, click on the link, reset your password, and gain entry to the portal to operate fully as you.
As it is, you already have assets on the battlefield, your personal information are there, your health records are there, your intellectual properties are there, even your money is there. None of these things is absolutely safe at war, any of them could be stolen in a successful attack. The very least—and by very least I mean the barest minimum—you can do to secure them is to use strong passwords. Other things might be out of your control, your bank’s cybersecurity infrastructure could be broken, your email service providers could be breached, many other things could happen that are out of your control, but one tiny thing that is within your control in securing yourself and your assets in cyberwarfare is your password, and you must get it perfectly right.
Never Repeat, Always Remember: Developing a Password Generating Framework
Passwords require a measure of complexity to do their jobs well. Creating strong, complex passwords that you can always remember without ever having to repeat on any two platforms is not an easy feat, you’d have to have a memory like Boris Konrad to pull that, yet this is the basic requirement in using passwords—make them complex, don’t reuse them across platforms, don’t write them down, and make sure you never forget them. The only way you can do that with ease is to develop a password generating framework. Complex passwords are generally required to have a combination of uppercase letters, lowercase letters, numbers and symbols, and a stipulated minimum length. I created a simple password generating framework specifically to help people get through this (Note: It might look difficult at the beginning, but it soon becomes a piece of cake). Here’s an example of a password generated to meet all the requirements above with this framework.
Username: Conscripted
Password: A2Z4ixkoobecaf+
This password is built with a 3-component framework. The first component is A2Z4ix which is the constant password initializer. The second component is koobecaf which is the reversed name of the platform for which you are creating the password (in this case facebook). The third component is the special character or symbol. With this framework you only have to remember two things: your password initializer at the beginning, which should contain at least one uppercase letter and a number, and the special character at the end, which could be any symbol of your choice. These two things are constants and don’t have to be changed; the only variable is what’s in the middle.
So if you’re creating passwords on several platforms with this framework, they would look something like this:
Instagram: A2Z4ixmargatsni+
Twitter: A2Z4ixrettiwt+
Quora: A2Z4ixarouq+
Reddit: A2Z4ixtidder+
You will never have to repeat passwords on any two platforms, and you can have a hundred different passwords that you will never forget!
We need you to do this for the sake of all of us; you can’t be Conscripted and do otherwise. From the last data breach we had, we already are concerned about how safe we are with a password like yours. Is this something you would do?
Marching Orders
- Always use passwords that are complex enough to keep others out and recallable enough to let you in.
- Don’t use the same password across multiple platforms.
- Create your own password initializer and special character and use it to create your password generating framework.
- Go right now to all your critical platforms where you have repeated passwords and change them to the unique passwords generated by your framework.
- Finally, sound the battle cry to those around you—“Our world could be destroyed with a password like yours.”