Vehement capitalist blogger Lew Rockwell has a tip for people concerned about the security of the passwords they use to access their protected information online: ditch passwords altogether in favor of passphrases.
What’s a passphrase? A “password” composed of words and symbols that, taken together, form a phrase that you’ll remember – but that can take a heck of a long time for hackers to crack.
An online security company, Silent Circle, has a website that, while soliciting subscriptions for its services, nevertheless allows you to test the relative security of any password or passphrase you create without having to buy anything.
A caution, if you do want to test the strength of a made-up password on the Silent Circle site: by all means, don’t type in a password that protects any of your current accounts. Make up one you have no intention of using, just to suss out what makes passphrases easier or harder to crack – and then get off the website and create a different, “real” passphrase that employs the same security-tightening measures.
Also, Rockwell points out that this sort of passphrase protection isn’t likely to guard against the spying eyes of the NSA or other American data surveillance programs (both known and unknown). Rather, use it to protect your information from conventional hackers. If you want to improve your chances of dodging the NSA – at least so far as email is concerned – consider email hosts that are based outside the U.S. and don’t have servers tied into the NSA dragnet.
“Bottom Line,” writes Rockwell: “Consider an offshore email, but definitely make your passwords longer by using a passphrase rather than a shorter but ‘harder’ password. Most sites will allow you to enter very long passphrases. Think of the minor investment in time versus the risk of identity theft, account takeover, and the extra time and resources for the government to snoop on you.”