It is essential to use a unique and complex password to secure each of your accounts, on computer, on mobile or online. Rules and tips can help you create them… and remember them easily.

It is essential to use a unique and complex password

It is essential to use a unique and complex password to secure each of your accounts, on computer, on mobile or online. Rules and tips can help you create them… and remember them easily.

The password is the essential key to access the digital universe. Or rather, passwords. Because it is now necessary for everything, on a computer, on a smartphone, on a tablet or even on a connected device such as a television, to access an operating system, an email, a social network, a streaming, to a bank account and to all kinds of online services, for storage, applications, games, merchant sites, etc.

In fact, passwords are just like the keys to a house. If a malicious person recovers one of your passwords, they have access to your account, and therefore to your personal data, which is sometimes very sensitive. And this unfortunately happens very often, whether through ignorance or negligence. Not a month goes by without news that accounts have been hacked.

The problem is therefore to create passwords strong enough not to be cracked by hackers, but easy enough to memorize so as not to forget them. E, above all, different for each site and service.

What are the rules for creating a good password?

  • Create a unique password. The most common mistake is to use the same password for all accounts: social networks, merchant sites, messaging… If a hacker or a scammer gets his hands on this password, he has access to all your accounts.
  • Avoid easy combinations. In the various classifications of the most used passwords, the unavoidable “123456”, “azerty” and other “passwords” unfortunately generally come first. Needless to say, they offer no protection.
  • Do not use common words. To “crack” a password, hackers proceed by listing all the possible combinations, in particular using dictionaries of different languages.
  • Do not include personal data. Passwords including the first name of the spouse or of a child, a birthday date or their city of residence are to be avoided. Cybercriminals can get access to this private information quite easily on social media.
  • Apply a minimum length. A password must include a minimum of 8 characters including uppercase, lowercase, numbers and special characters. The National Commission for Computing and Liberties (Cnil) and the National Information Systems Security Agency (Anssi) even recommend going up to 12 or even 16 characters at least if the authentication of an account is based only on this single password.
  • One method is to take the first letters of a famous phrase, embellished with numbers and symbols. “The world belongs to those who get up early” becomes “LmaàCQslt8!$” Anssi also recommends the phonetic method. “I bought 5 CDs for one hundred euros this afternoon” becomes “ght5CDs%E7am”. A final trick is to contextualize the password according to the service used. For example, “Co2Mentcamarche8§*”.
  • Use a random password generator. Various online services automatically generate strong passwords. You can easily find some from antivirus vendors like Avast and password managers like Dashlane Where LastPass.
  • Change your password regularly. Anssi recommends renewal every 90 days for accounts containing particularly sensitive data (email, bank account, etc.).
  • Check the strength of your password. The website How Secure is My Password calculates how long it will take for a hacker to find your current password. Google’s “Check-up” service indicates, him, if your passwords are not very secure, used for several accounts even… pirated.
  • Never give out your password. It should never be written in a sticky note whether on a post-it, an unencrypted file or an email. Likewise, it should not be shared with colleagues or relatives. Anssi also recommends not keeping passwords in memory in a web browser, although this option is very practical on a daily basis.
  • Create an easy-to-remember password. There’s no point in having passwords you don’t remember unless you use a password manager that will. Use mnemonic techniques (see example below), to create a password that is easy to remember but difficult to guess.

There are several techniques for creating a password that is both safe and easy to remember, following the recommendations of specialists. And even for different words for multiple accounts.

  • The best known method, which is very effective, consists of taking a rather long sentence – famous or not –, keeping the initials of each word, and combining them by replacing letters with numbers and symbols.
  • Thus, with the sentence “the world belongs to those who get up early”we obtain lmaacqslt. With a few capitals, we get LmAaCQslT. It’s still short and simple. Add numbers. Lm4aCQslT0. Then symbols. ?Lm4aCQslT0%. You already have a code of 12 characters, which represents the minimum today.
  • Similarly, using phonetic equivalents, the sentence “I bought eight CDs for one hundred euros this afternoon” easily becomes Ght8CD%E7am.
  • Ditto with the phrase “there, all is order and beauty, luxury, calm and voluptuousness”, which can give ltneqoeblcevthen LtnEQOeBlceVthen Ltn3Qe80lc&Vthen Ltn3?Qe%80lc&V. The principle is infinitely declinable.

The trick to having different but easy-to-remember passwords is to create a strong “root” password, as explained above, and combine it with the name of a site or service. .

  • For example, create an already complex password of 16 characters like fZE6uEgNkCa6Wu3J. This will be the root (the common part) of the others.
  • Then add at the beginning, in the middle or at the end, characters and symbols recalling the name of the site or the service. For example, for an account on HowItWorks, add ?Ccm Where Ccm?. You obtain fZE6uEgNkCa6Wu3J?Ccm or Ccm?fZE6uEgNkCa6Wu3J. And for Gmail, add Gml% or 9MAIL or Gm$% to get Gml%fZE6uEgNkCa6Wu3J or 9MAILfZE6uEgNkCa6Wu3J.
  • Here again, the principle is infinitely declinable, with variations. You only have to remember the root password and the recipe ‘secr!te) to personalize it!

What are the worst passwords?

Many specialized organizations regularly publish the most used passwords in the world and in certain countries. Weak passwords, because they are easy to test to hack accounts. Here are some examples. Never use them!

  • 0000
  • 000000
  • 00000000
  • 1111
  • 111111
  • 11111111
  • 123456
  • 12345678
  • 1234567890
  • 987654321
  • 123456123456
  • 123321
  • 666666
  • 696969
  • 88888888
  • azerty
  • azertyuiop
  • qwerty
  • qwertyuiop
  • 1q2w3e
  • 1a2z3e
  • abc123
  • password
  • password
  • password1
  • admin
  • fuck you
  • iloveyou
  • I like you
  • Hello
  • hello
  • welcome
  • soccer
  • loulou
  • Teddy
  • Sun
  • tiffany
  • princess
  • chocolate
  • dragon
  • monkey
  • pet
  • Nicholas
  • thomas
  • camilla
  • Marseilles

This list is obviously not exhaustive.

ccn5