Monday, November 15, 2004

Bad ideas about passwords 

I read a lot about security. I see a lot of bad advice.

I won't name the poor guy, because he means well, but someone I just read suggested starting with English words and adding numbers or special characters.

The password guessing programs the bad guys use know all about both techniques.

People who deface web pages sometimes brag about what they've done. One in particular made fun of the webmaster who'd used "heavymetal1980" as a password. The intruder figured that English plus numbers was stupidly easy to guess. That was six years ago. Password guessing programs are smarter now and run on faster computers. One system administrator found a password of "pre$ident" with a program and computer from 1993 (don't try this yourself -- he didn't get permission first and now has three felony convictions).
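To show why both techniques add so little, here is a password-policy check that undoes each trick before a dictionary lookup. It is an example added here, not part of the original post; the wordlist, the look-alike table and the function names are assumptions made for illustration.

```python
import re

# Constructed sample wordlist (assumption); a real check would load a full
# dictionary plus a list of known-breached passwords.
WORDS = {"heavy", "metal", "president", "password", "dragon"}

# Look-alike characters mapped back to the letters they usually replace.
LOOKALIKES = str.maketrans({"$": "s", "@": "a", "0": "o", "1": "l",
                            "3": "e", "!": "i", "5": "s", "7": "t"})


def splits_into_words(text, words=WORDS):
    """True if text is one or more dictionary words run together."""
    reachable = [True] + [False] * len(text)
    for end in range(1, len(text) + 1):
        reachable[end] = any(reachable[start] and text[start:end] in words
                             for start in range(end))
    return bool(text) and reachable[-1]


def weak_pattern(password, words=WORDS):
    """Name the predictable pattern a password follows, or return None
    if it matches neither of the two patterns checked here."""
    lowered = password.lower()
    # Pattern 1: words with digits or symbols tacked onto either end.
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    if splits_into_words(core, words):
        return "plain word" if core == lowered else "word plus digits/symbols"
    # Pattern 2: words with look-alike characters swapped in.
    if splits_into_words(lowered.translate(LOOKALIKES), words):
        return "character substitution"
    return None


if __name__ == "__main__":
    # "tqbfjotld" is a constructed first-letter acronym for comparison.
    for candidate in ("heavymetal1980", "pre$ident", "tqbfjotld"):
        print(candidate, "->", weak_pattern(candidate))
```

A result of `None` only means neither pattern matched, not that the password is strong.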

Some better ideas would be to take some catchphrase that only your family uses and use the first letter of every word, or to use the serial number of a fifty-dollar bill in your wallet. You already have a system for protecting your wallet.
