How to create an ultra-strong password – and remember it?

“It’s (hell no!) just a coffee shop”

We often hear these words from you when we remind you that we require a strong password. “It’s just coffee, why would I need to secure anything here?”

It is worth realizing that it does not matter what the store where you leave your data sells. What matters is that you leave it there, and the most important barrier protecting it (apart from our IT systems) is your password. It can decide whether or not someone gains access to your email address, telephone number or, even worse, your home address.

And all you need is a little imagination to understand what (cyber-) criminals can do with such a complete set of data about you.

 

The Holy Trinity of a secure password

The canon of creating secure passwords comes down to the three most important principles:

  1. minimum 8 characters (but the more the better)
  2. at least one uppercase, one lowercase, one number, and one special character
  3. not using dictionary phrases (i.e. those that mean something, e.g. “car”; it should be a random cluster of characters or at least a distorted dictionary phrase, e.g. “wekedn”)

In addition, each password you use anywhere (e.g. in our store) should be unique, i.e. not used anywhere else, so that, if a hacker breaks into one website, hacking robots do not gain access to all the other services / portals where the same password was used (they check this automatically; often a single different character is enough to prevent a break-in, e.g. into your Facebook account).

Easy to say, harder to do? By no means, it’s easier than you think.

 

How to create a simple password, but impossible to guess by anyone?

Your brain comes to the rescue: your memory and facts known only to you, which (after appropriate treatment) will be very easy to remember.

  1. Let’s say your mom’s first car was the VW Beetle. So let’s twist the word (to get a phrase not found in any dictionary). So we have Tleebe
  2. What engine did it have? 1.5? Great, we throw that in at the beginning and end -> 1Tleebe5
  3. And now we put a cross on it, because the car has been scrapped for a long time -> 1Tleebe5#50
  4. And it was taken to the scrapyard by your father, born in 1950. So we add that at the end -> 1Tleebe5#50
  5. Now it’s time to meet the requirement of uniqueness: we introduce a variable element into our password, one that YOU will remember very easily (or can work out yourself at any time), because you always build it from a known pattern, e.g. you add to the end the first 4 letters of the name of a given shop / company / service / institution, always starting with a capital letter.
    So, in our case, it will be “Sing” (from Single Origin).
    So we have the password 1Tleebe5#50Sing. How easy to break do you think it is? Surely not easy; every cybersecurity specialist will love you for such a password!

So you have a super-strong password that will always stay in your head and is different everywhere! With passwords created according to the scheme above, your passwords on various websites will be as follows:

  • for Facebook: 1Tleebe5#50Face
  • for the email: 1Tleebe5#50Mail
  • for e-journal at school: 1Tleebe5#50Scho
  • to the bank: 1Tleebe5#50Bank
  • for Uber: 1Tleebe5#50Uber
    etc.
    And the best part is that you don’t have to remember them! As long as you stick to your password scheme, you simply know what your password is every time.

It is good practice to create and remember at least two schemes of this type. The first one for large and important suppliers who have a relatively lower risk of data leak (your internet banking, eBay, gov.pl, Facebook, Google, etc.) and the second one for small businesses (“it’s just coffee?”).

Remember that the more important the service for which you create a password, and the more data it collects about you, the more unique and complex the password should be. It is up to you to decide how many such patterns you are able to learn; the more, the better, because the principle of uniqueness is then fulfilled more thoroughly. And this protects you against a situation in which you have only one such scheme and, by accident, for example, your child (or worse, a stranger) peeks at 2 or 3 of your passwords and figures out your scheme.
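The scheme from steps 1 to 5 and the three rules, as an added example (not part of the original article): it builds the per-service passwords, checks each against the rules, and reports how much of every password is identical across services, which is what someone who sees 2 or 3 of them would notice. The word list, the service names and the reading of rule 3 (the letters alone must not spell a dictionary word) are assumptions.

```python
import os
import string

# Constructed mini word list standing in for a real dictionary (assumption).
DICTIONARY = {"car", "beetle", "weekend", "coffee", "single"}

def meets_three_rules(password, dictionary=DICTIONARY):
    """Apply the three rules from the list above to one password."""
    long_enough = len(password) >= 8                      # rule 1
    has_all_classes = all((                               # rule 2
        any(c.isupper() for c in password),
        any(c.islower() for c in password),
        any(c.isdigit() for c in password),
        any(c in string.punctuation for c in password),
    ))
    # Rule 3, as interpreted here: the letters alone must not spell a dictionary word.
    letters = "".join(c for c in password if c.isalpha()).lower()
    not_dictionary = letters not in dictionary
    return long_enough and has_all_classes and not_dictionary

def scheme_password(base, service):
    """Step 5: append the first 4 letters of the service name, capitalised."""
    return base + service[:4].capitalize()

def reuse_report(passwords):
    """Return the part shared by all passwords and the part unique to each."""
    shared = os.path.commonprefix(list(passwords))
    return shared, [p[len(shared):] for p in passwords]

if __name__ == "__main__":
    base = "1Tleebe5#50"                                  # base from the walkthrough
    services = ["Facebook", "Mail", "School", "Bank", "Uber"]
    passwords = [scheme_password(base, s) for s in services]
    for pw in passwords + ["Beetle#1950"]:
        print(pw, "passes" if meets_three_rules(pw) else "fails", "the three rules")
    shared, tails = reuse_report(passwords)
    print(f"shared by all: {shared!r} ({len(shared)} chars), unique tails: {tails}")
```

The undistorted "Beetle#1950" fails rule 3 while the twisted base passes, and the report shows that only the last 4 characters differ between services.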

If you do not want to remember several such patterns, you can add more variables to a single pattern, e.g. the rank of a given password / service. For example:

  • 101 – the most important services, the most trusted providers (then the password will be e.g. 1Bus101garb5#50Bank)
  • 122 – smaller, but still relatively trusted services (1Bus122garb5#50Skol)
  • 144 – smaller purchases, etc.

 

Think, create, remember

Keeping in mind the previously described facts from your life, you can create various strings of characters (patterns) that will meet every security requirement and will be easy for you to remember. Some examples below:

  • b€€TLE.1950-SING
  • #sinG@tlee19BE50
  • Tlee#sing1950@Be
  • 19SinG#Tleebe50

Another idea for your scheme may be to remember a sequence of words that mean something on their own (i.e. they are dictionary words), but together make no sense at all, and to introduce an additional difficulty, e.g. by separating them with special characters (e.g. ones that appear consecutively on the keyboard) or by additionally ending each word with a capital letter.
So, a few examples:

  • piano!liquid@image#single
  • ToDAY-SING01hoLY-MountAIN
  • C@ble#MonKEY@like!SINGle

There are many ideas. You just need to keep your own discipline in creating your passwords and not reveal the patterns of their creation to anyone. If you always do it according to your rules, you will never forget a password for anything, each password will be different and will meet the highest requirements.

A password prepared in this way is obviously not perfect (it’s always best to create a completely random string of > 20 characters), but it will be safe as long as you do not reveal the scheme of its creation to anyone.

Because – even if someone sees or intercepts one of your passwords – what the hell does Tleebe mean???