Simplicity Vs. Security

07 January 2010

Statement 1: It takes longer to type and remember complex passwords with characters such as @,#,$,%, etc.

Statement 2: The general recommendation for passwords states that they should have complex characters.

From my experience, this leads to a compromise for some users: ease of use rather than security. I am online on mobile devices a significant amount of time myself, and my Facebook especially reflects the fact in my status updates: "Via Facebook Mobile".

The issue is that ease of use often seems to take a higher priority than security for many people. As mobile devices with admittedly crappy keyboards become increasingly prevalent, crappy passwords follow. That's not to say that all mobile devices are difficult to type on, since more and more sport full QWERTY keyboards in some form or another. Remembering and typing also play a role: obviously it's much easier to remember a simple (and easily hackable) password such as 'letmein' than a stronger password such as L3+mE!n.

Another issue is that passwords should be changed somewhat often, which is a problem for those with bad memories.

Forgetting (for the moment) about newer technologies such as fingerprint recognition and facial recognition, there are ways to make strong passwords that are easily remembered by creating a pattern. To log into the site example.com you might do something like:

PWD (capital letters with the abbreviation for password)

4 (a number)

example (name of site, easy to remember, lowercase letters)

.(om (looks like .com, has two characters: a . and a ( )

Which results in the password: PWD4example.(om.

(Note that there are far better ways to make a password; the idea was simply to use a pattern.)
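To make that caveat concrete, here is an added example (not part of the original post) of a screening check a site could run on new passwords, applied to the three passwords mentioned above. The substitution table, the tiny blocklist and all function names are assumptions made for illustration.

```python
# Added example: screening candidate passwords at signup or password change.
# Assumed look-alike substitutions; real tables are larger.
LEET = str.maketrans({"3": "e", "+": "t", "!": "i", "1": "l", "4": "a",
                      "@": "a", "$": "s", "0": "o", "(": "c", "5": "s", "7": "t"})

# Constructed sample blocklist; a deployment would load a large breached-password list.
COMMON = {"letmein", "password", "qwerty", "123456"}


def char_classes(password):
    """Count character classes used, as a classic 'complexity' rule would."""
    return sum([any(c.islower() for c in password),
                any(c.isupper() for c in password),
                any(c.isdigit() for c in password),
                any(not c.isalnum() for c in password)])


def normalize(password):
    """Lowercase and undo common look-alike substitutions."""
    return password.lower().translate(LEET)


def site_tokens(hostname):
    """Context words from the site name, e.g. 'example' from 'example.com'."""
    return {normalize(label) for label in hostname.split(".") if len(label) >= 4}


def screen(password, hostname):
    """Return reasons to reject the password; an empty list means accepted."""
    reasons = []
    plain = normalize(password)
    if plain in COMMON:
        reasons.append("common password after normalization: " + plain)
    for token in sorted(site_tokens(hostname)):
        if token in plain:
            reasons.append("contains site name: " + token)
    return reasons


if __name__ == "__main__":
    for pw in ("letmein", "L3+mE!n", "PWD4example.(om"):
        print(pw, char_classes(pw), screen(pw, "example.com"))
```

Both L3+mE!n and PWD4example.(om use all four character classes, so they satisfy a complexity rule, yet the screening step still flags each of them.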

Keep your passwords strong and your online world safe. There's nothing more devastating than losing accounts to hackers.
