I wrote a bit for previous guild members just talking about secure passwords awhile back. It came up from hearing a lot of accounts getting hacked by sniffers or some other manner. There has been some worry about Facebook and other social networks revealing personal information which a lot of users tend to use in their passwords – go figure, it’s easy to remember.
Darin over at SquidZone.ca wrote an entry about passwords people should take a look at. He talks about passphrases and how to create a password that is hard to guess or brute force. He doesn’t really mention that you might want to have different passwords for different things.
Avoid using personal information as much as possible, in fact, it might be ideal to avoid social networks or, at least, some of the quizes or apps they make available which request some information. Definitely be wary of what you put up on those social networking sites.
I have weak (by Darin’s standards but definitely stronger than the average user) passwords I reuse for things I really don’t care about. Spam email accounts, message board log ins and what not. These places don’t contain anything important. Never anything important. If someone got a hold of that password they could impersonate me on a message board and that is about it.
I have stronger passwords for work and work related things or for hobbies I enjoy or online services I use. I almost never reuse a password for these. If you manage to get one, you won’t get access to the other.
Another thought (aimed more at protection MMO accounts but you can use it where ever it is permitted) is to avoid using simple or obvious user names where possible. For example, someone might guess my user name for WoW or EQ2 or VG or DDO would be “smakendahed” or maybe even “Lannister”, right? Wrong. In fact, my user name for those accounts are all different (except EQ2/VG since it was merged into the same SOE account for the all access pass, but it was different at one point).
This means, even if you get my username and figure out the password for WoW you can’t reuse it elsewhere at all. Fortunately, most MMOs have a forum name and account name that is different which really can help. Make a habit of not reusing the same user name for third party things as well (signature generator sites, messsage boards, Curse client account, WoWInterface, etc.).
Obviously, don’t share your user name or password with other people no matter who they are. My wife doesn’t even know the admin password for both systems I have at home and she most certainly doesn’t know the passwords for my laptop’s hard drive lock and work log in.
Not because I don’t trust her, she simply doesn’t need to know.