Strong passwords - how to create and use them

We show you how to tighten-up your passwords and ensure you remain hacker free.

Barbed wire fence (© Image PA)

Your passwords are the keys you use to access personal information that you've stored on your computer and in your online accounts.

If criminals or other malicious users steal your passwords, they can use your name to cause all kinds of damage, just look at the recent furore surrounding Sarah Palin's hacked e-mail account. In many cases you would not notice these attacks until it was too late.

Fortunately, it is not hard to create strong passwords and keep them well protected.

What makes a strong password?

To an attacker, a strong password should appear to be a random string of characters. The following criteria can help your passwords do so:

Make it lengthy: Each character that you add to your password increases the protection that it provides many times over. Your passwords should be 8 or more characters in length; 14 characters or longer is ideal.

E-mail oopsies! Read the e-mails that went global

Are you being conned? Identify dodgy e-mail

Use the entire keyboard, not just the most common characters: Symbols typed by holding down the "Shift" key and typing a number are very common in passwords. Your password will be much stronger if you choose from all the symbols on the keyboard, including punctuation marks not on the upper row of the keyboard.

Use words and phrases: The easiest way to remember your passwords and pass phrases is to write them down. Contrary to popular belief, there is nothing wrong with writing passwords down, but they need to be adequately protected in order to remain secure and effective.

In general, passwords written on a piece of paper are more difficult to compromise across the Internet than a password manager, Web site, or other software-based storage tool, such as password managers.

Create strong passwords

Create a strong, memorable password

Use these steps to develop a strong password:

Think of a sentence that you can remember and holds personal significance. This will be the basis of your strong password or pass phrase.

Test your new password with Password Checker. Password Checker is a nifty tool from Microsoft that helps determine your password's strength as you type.

Binary code

Password strategies to avoid

Some common methods used to create passwords are easy to guess by criminals. To avoid weak, easy-to-guess passwords:

Avoid sequences or repeated characters: "12345678," "222222," "abcdefg," or adjacent letters on your keyboard do not help make secure passwords.

Avoid using only look-alike substitutions of numbers or symbols: Criminals and other malicious users who know enough to try and crack your password will not be fooled by common look-alike replacements, such as to replace an 'i' with a '1' or an 'a' with '@' as in "M1cr0$0ft" or "P@ssw0rd". But these substitutions can be effective when combined with other measures, such as length, misspellings, or variations in case, to improve the strength of your password.

Can you identify dodgy scam e-mail?

Avoid your login name: Any part of your name, birthday, national insurance number, or similar information for your loved ones constitutes a bad password choice. This is one of the first things criminals will try.

Avoid dictionary words in any language: Criminals use sophisticated tools that can rapidly guess passwords that are based on words in multiple dictionaries, including words spelled backwards, common misspellings, and substitutions.

Use more than one password everywhere: If any one of the computers or online systems using this password is compromised, all of your other information protected by that password should be considered compromised as well. It is critical to use different passwords for different systems.

Avoid using online storage: If malicious users find these passwords stored online or on a networked computer, they have access to all your information.

The account control screen in Windows Live

How to access and change your passwords

Hotmail: Web sites have a variety of policies that govern how you can access your account and change your password. To change your password you can either use the Hotmail 'Manage your account' controls, or go direct to the Windows Live ID Website.

Messenger: For all your security needs you need the Windows Live ID Website.

It is advisable to take full advantage of the password expiry feature. Tick the 'Make my password expire every 72 days' box to add that extra ounce of security to your account.

E-mail oopsies! Read the e-mails that went global

Are you being conned? Identify dodgy e-mail