How to create strong but easy to remember passwords

Thursdays are the day of the week when I post some personal thought, but this week I’m thinking about passwords, so this will be a bonus “From the Help Desk” tip!

Password policies get out of hand, sometimes. I understand the need to be secure, but I will never understand why we IT nerds make it so difficult for the rest of you. We require your password to be at least 8 characters long. It must meet 3 of the 4 following requirements: 1 (or more) upper case letter, 1 (or more) lower case letter, 1 (or more) special character, and 1 (or more) number. Oh, and it can’t be similar to any of your 25 previously used passwords. It can’t have more than 2 sequential letters or numbers (sorry, ghillieSuit123, you didn’t make the cut!), and if it includes an identifiable portion of your first or last name, it will be rejected. We also lock you out after multiple log-in attempts (to prevent others from “cracking” or “brute forcing” your password by going throug the dictionary one word at a time).

Did you follow all of that? Me neither, and I’m one of those people responsible for making it all up. And that’s my problem with passwords. We make them so insanely complex that everyone needs to write down their passwords. Defeating the entire purpose of the password. Now, it’s true, people think mostly that a slip of paper in a desk drawer isn’t a huge security risk in this day and age. Computer crimes, password theft, etc… it all happens in the ether when groups hack large databases and steal hundreds of thousands of passwords at a time (as was the case very recently at my regional power company). But if you think that nobody would ever try to break in and steal your computer, you’re sadly mistaken. And some may go far enough to look for the passwords to go along with them. These things do still happen.

Or, more likely, it could still just be as simple as a co-worker taking the information and impersonating you on the network and getting you fired. Anything can happen. We want your password to be secure, but I’m on your side: I hate that we make you change them so frequently. If we could trust you to just not give your password out, then you would have one password, and not have to write it down. It’s frustrating. But unfortunately, it doesn’t look like the “password policy” is going to change any time soon.

So here’s what you can do about it. There are some simple services that will help you adhere to password policies in effect where you work. One will help you determine if your password is strong (or generate a strong password for you to use). That site is at HowStrongIsMyPassword.com. A more fun website to see if you’re really safe is HowSecureIsMyPassword.net. This website really entertains me. You can put in your real password and see how long it’s expected that a modern computer would take to crack your password. My “work” password, according to the website, would take 102 million years to “crack” if a hacker were to try some sequential combination of characters (example: a? ab? abc? a-z? ba? bb? bc? and so on, until all possible combinations of letters and numbers, symbols, and numbers are exhausted). While it’s an impressive number, it’s all for naught if somebody can just look on my desk and find my password on a post-it on my monitor.

So just do your part to make your password fun. Most systems, like the computer in your typical office, will gladly accept characters such as spaces and even “!” exlamation marks. I encourage you to write a sentence with your password. Try it! It’s easier to remember, and harder to guess – even if someone knows you. For example, according to HowSecureIsMyPassword.net, it would take 62 sextillion years to crack your password if you made it something as simple to remember as “This is my password!” Another simple password to remember could be “I listened to 45’s growing up!” – not an easy thing to guess, and to crack, it could take 24 duodecillion years! So go on, try it!

I would like to thank DarkMethod45 for sharing “How Secure…” link with me, and inspiring part of this article.

Goodbye, Joe Pa

Alright, this is my personal blog, believe it or not. I try not to get too in your face personal, but today I’m going to. I’m a Penn Stater. A 2007 graduate of a branch campus in Erie, Pennsylvania: The Behrend College. I am a Delta Chi fraternity brother, I bleed Blue and White.

When Joe Paterno lost his position at Penn State, after 61 years with the team, it was no doubt a shock. The man had been coaching at Penn State longer than I’d known what a university even was. When I was learning how to potty like a big boy, Joe Pa was taking Penn State to back-to-back undefeated regular seasons. Too many people used the cliched “evil triumphs when good men do nothing” tag-line in the weeks following the Penn State scandal. While I in no way wish to belittle what happened and what has come forth about Sandusky, but I have been livid since Joe Paterno was dismissed. Penn State asked him to step down from his position in 2004 amid poor performance, and Joe Paterno refused. To be ousted like this? Shameful.

Mike McQueary allegedly witnesses Jerry Sandusky in the locker room with a young man. McQueary tells Paterno. Paterno tells his supervisors. Paterno loses his spot with the team before McQueary. Even if Paterno had gone to the police with what he had been told, at that point, it’s hearsay, inadmissable in court. Paterno had so little to do with the overall case – if and when this whole thing goes to court, Paterno would likely not even be able to be called as a witness! Yet there he was, the man literally bronzed into Penn State’s community, tossed from his position as Head Coach in the middle of the night. With nothing left to fight for or live for, Coach Paterno died from complications due to lung cancer a matter of weeks later.

As a Penn Stater, it hurts. As a Penn Stater, I know a lot of oter Penn Staters. I have snipped just a few comments from friends’ social netorking pages, just to share with you how we feel. After all… We Are… Penn State.

“No one deserves a million dollars just to coach a football team” -Joe Paterno after turning down a coaching offer from the New England Patriots in 1972. Mourning the loss of JoePa has nothing to do with being a Penn State fan, its about celebrating the life of a man that didn’t have a selfish bone in his body. Rest in peace coach, the world has lost a true gentleman.
-Steve S.

Wore my white long sleeve “400 wins” T all day and a PSU ball cap (thanks to the rain)…. while at the grocery store, almost everyone I made eye contact with gave me this look that simply said “I’m sorry” – complete strangers… the cashier asked me some details on his death and shared his sorrow and anger over how his career and life had to end. Joe just brings people together: Penn Staters and Non-Penn Staters alike.
-Heather B.

Penn State Behrend’s flag was at half mass today in honor of Coach.
-Shantel M.

We are a student body. At the end of the day, it doesn’t matter how many football games we won, or how many students we have. We could have the best program out there, but without the support and pride of our student body, we are no better than any other school. Joe Paterno knew this and strived to make all Penn State students know this, because without us, Penn State becomes just an average state school. I know I speak for Joe Paterno when I say “Fight on State, Fight on.”
RIP Joe Paterno
#PennStatePride
-Derek K.

“‘His life is Penn State through and through,’ Scott Paterno said, speaking of his father in the present tense. ‘He understood that and it never once occurred to him to be bitter toward Penn State.'”
-Adam W., quoting an article featuring Scott Paterno’s words.

Not perfect by any means…but who is? Hopefully his legacy will be remembered more for the good he did than for what he did not do. His debt is paid. May he R.I.P and his family be given the comfort, privacy and respect they need and deserve at this time…
-Eden R.

I don’t want to talk about it. And if you’re from Penn State, you already know what I mean.
-Me, minutes after official sources broke the news of Paterno’s passing.

Better Know a Gamer is back! Nominate a friend, now!

So, the other day, I imported the WinBreak.com Better Know a Gamer archives. During this process I may have forgotten to disable my twitter updates which caused abut 30 articles to publish to my twitter and facebook streams in a matter of seconds. Sorry about that. But the good news is, you can read all about more gamers, and some of their best stories!

Better Know a Gamer is back, and you can Nominate a Gamer whenever you want, even yourself! There’s no shame in it, some come on and get famous!

Coming (Back) Soon! Better Know a Gamer!

From my old site, WinBreak, I had one very succesful run of content: Better Know a Gamer. You could nominate yourself or anyone you know, and easily be featured in an issue of Better Know a Gamer. Interviews, getting to know community members. After we were thirty-plus posts in, thats when the site started to slow down a bit. I will be importing all of the old BKAG articles and picking up where I left off, in the thirties – you’ll be able to select the BKAG category and go back through all of the old interviews, as well. Keep an eye out for it soon!

This site will soon have implimented the same “nominate a gamer” feature that WinBreak.com had, where you can enter an email address and have the questions automatically fired off to the recipient. So be sure to check back – sign yourself up and several of your friends!