Tips for choosing and protecting passwords

February 15, 2012 3 Comments

Most people feel that choosing a password is a hassle and consequently spend far too little time on it. However, establishing a good password regime can save you lots of time in the long run and lots of grief by preventing attacks by criminals — and it can even be fun!

How to easily create a great password

Just try to think of a password system that will help you create secure passwords that you can also remember easily. One simple example is to pick the first (or second, third, etc) letter in a sentence you invent. Then substitute some of them for symbols or add some numbers and special characters.

For instance, the sentence:

  • I really think that creating and remembering a complex password is a hassle!
  • …becomes Irttcaracpiah! when selecting the first letter of each word…
  • …which after replacing some of the letters with numbers or symbols ends up as the virtually unguessable Ir++c&racp1ah! (don’t use this password as your own!).

To make the password unique for each service you use, preventing a potential intruder from breaking into more than one account, add words or letters that are associated with each service.

Just think of a sentence and get creative — you can even use full sentences up to 64 characters if you want!

Password selection rules

In general, try to do the following when choosing a password:

  • Avoid using dictionary words and names.
  • Never use sequences of letters or numbers such as “qwerty” or “123456”.
  • Avoid familiar items that someone might guess (names, phone numbers, etc).
  • Use a combination of letters, numbers, and special characters.
  • Use 8 or more characters.

See also:

Protect your password

Once you have chosen a good password you need to protect it from possible attackers.

  • Avoid using one password for all your logins!
  • Try to choose a password you can memorize so you won’t have to write it down.
  • Never share your password with anyone.
  • Avoid logging in from public computers. If you do, then always use https://secure.runbox.com which provides encrypted transfer of all your data.
  • Check the Account page for any suspicious login attempts to your account.
  • Be careful opening email attachments from people you don’t know or trust — it might contain a computer virus, a key logger that will snatch your login information, or other malevolent programs.

Continue Reading →

Fixed: Spam problems

Leave a comment

You might have noticed an increased influx of spam recently, and it’s caused by problems with the RBL (Real-time Blackhole List) we have been using at Runbox. An RBL is a list of domain names associated with spamming, and is used when filtering spam.

We’re working on a solution which will be better than what we had before, and hope to have it running within a couple of days.

Update: This was fixed on friday 17th of february when we implemented SpamHaus RBL.

Continue Reading →