Cyberclinic: I need a safe new password

Click to follow
The Independent Online

This week's question, about how to convince a technophobic boss that setting all e-mail passwords to "pass123" is not a good idea, received open-mouthed responses. Jamie Cowper, from e-mail encryption company PGP, pointed out the risks: "E-mail isn't just the main source of business communication - it's also responsible for storing much of our data." The matter of secure passwords is something that affects all of us. Most web services that hold personal data require a single password to allow full access.

"We're told that using a combination of letters and numbers makes for a secure password," writes Tom Chambers, "but if people are using combinations as obvious as 'pass123', it's clear that they need a bit more guidance." Security expert Bruce Schneier, writing recently for, recalled that the most common password was once "password"; today it's "password1".

"Instead of words," writes Andy McLean, "use initial letters of a phrase that's memorable to you." You could go further and intersperse these letters with a number, and using this method I come up with "i1w5c2f9t8i9" - a password that I'll remember, but is worthy of a Fort Knox combination padlock. It combines the phrase "I write Cyberclinic for The Independent" with the last six digits of my girlfriend's phone number.

Diagnosis required

Next week's question is from Tim Mallatratt: "Media files are getting bigger and broadband speeds are getting faster, but most ISPs impose strict limits on the size of files you can send via e-mail. Are there better options for sending files?" Send comments and new questions for the Cyberclinic to