Most crackers(hackers) use what is known as “dictionary attacks” – where a computer or peice of software tries to guess a password by running through a series of common phrases or words in various combinations. They(The computers/hackers) check hundreds of common “root” passwords ( such as “dog”, “tree”, etc.) in combination with various “appendages,” including every two- and three-digit combination, single symbols (like $ and ?), dates from 1900 A.D. on, and a few others. The crackers also sub in common characters like “3″ for “E” and other letter substitutions, like “B” for “8″, and so on. Other, less common methods are also used, but are not usually as effective as Dictionary attacks.

A good way to create a password is to pick a less common root, for example,pitcher , and mispell it so that it becomes a non-exsisting compound-word, so (for ex.) pitchsure, instead of “pitcher”. After doing this, it is a very good idea to add appendages (34a, $P$, etc.), except in unusual places, like in the middle or beginning/end of your already mispelled root-word. So, $1$1pitch%x%sure would be an almost perfect password. Other good examples may include 2arm1337war2 (armoire) or 123bayzboll321 (baseball)

If you chose to store your password on a PC, make sure that it is in an encrypted form. Note: The Windows Password ache(.pwl files) is very insecure, so if Windows prompts “Would you like Windows to store this password?” do not click “Okay”. Also, try not to send your passcode via e-mail to anyone, or tell them oraly.Yes, write your password down but do not leave the paper just lying around, and lock the paper away somewhere, preferably off-site and definitely under a lock and key.

It is a very bad idea to use a simple and short password, and simply substituting letters(ex. 1 for L, 7 for T, etc.) in a simple passcode is a common security miconception, so 1473R (Later) , for example, is a bad password choice. Other bad examples include things located near you (“computer”, “keyboard”, “monitor”, “speakers”, “printer”, etc.) are useless to fend off a cyber-attack on your password.Also, never use a password that is based upon your username, account name, computer name or email address. Also Do not use common passwords like 123456,abcdef,qwerty,password1,letmein etc. And change your password once in a month.This will help you to protect your account.