Security is required everywhere, be it for logging in to your computer, accessing e-mail, or accessing Web services such as banking or social media. At the root of the security is, of course, your password to access these services.
While being able to remember a password is hard enough, warranting tools like 1Password and Apple's Keychain to help store them, another area of frustration is attempting to come up with a good and secure password, or at least being able to check those you already have. In general, the more complex and long a password is, the better; however, many times people resort to using patterns that are easy to remember, such as combinations of names or words, many of which are dictionary terms that make them much easier to figure out than a random password.
Unfortunately, once you have created a password or password scheme that seems secure and perfect for your uses, many times it will not work for specific services that have restrictions such as using only letters and numbers with no punctuation or special symbols, or have a specific length range for the password. In these instances you now have to either change your password scheme to accommodate the service, or create a new scheme altogether.
If you find yourself constantly coming up with new passwords for your services and have ever wondered about how secure they actually are, Apple has a tool built into OS X that might help in this process, as it not only will check your passwords for security but will also help you generate one if needed.
Apple's Password Assistant is not a standalone application that you can open; however, as part of its Security framework (a centralized application programming library) it can be accessed from any program that was built with this framework and includes a button that allows you to invoke it. Many programs include this framework, but a couple of easy and readily available options are Apple's Keychain Access utility and the Users & Groups (or Accounts) system preferences.
In Keychain Access, just select New Password Item from the File menu and then click the little key button to the right of the password field. In the Users & Groups system preferences, click the Change Password button for your account and then likewise click the key button to the right of the password field. In both cases the password assistant window will appear, with a number of options for checking or generating passwords.
If you plan on checking your password, click the Suggestion field and then type your password. As you type, the tool will display a few suggestions in the tips field about your password, such as whether it includes dictionary words, or whether it is too short or needs alternative characters like numbers or punctuation. In addition to the tips, the tool will display the password strength with the Quality indicator, which will show a progressively green bar as the password gets more secure.
Sometimes simple alterations to a password are enough to change it from an insecure one to a secure one. For instance, the password "mypassword" is horrible and is indicated as being so by a short red bar in the password checker. However, if you add a single number or punctuation mark between the two words, such as "my>password," then despite the words being in the dictionary, the checker tells you this is a far more desirable password to use.
In addition to checking your existing passwords you can have the Password Assistant generate new ones for you based on a number of different criteria. To generate a password, first select a password scheme from the Type menu, which includes the following options:
This is perhaps the best option to use, since it uses wordlike phrases intermixed with punctuation and symbols, such as "oaf7)songsmith." These options are far easier to commit to memory than others.
- Letters and Numbers
This will create passwords that only include alphanumeric characters. Unfortunately there is no option to create a Memorable password with this option, but one approach to doing this is to first create a Memorable password type and then replace its symbol and punctuation characters with a number of your choice.
- Numbers Only
This is essentially a random number generator.
Similar to the Numbers Only option, this is a random character generator. This is perhaps the most secure option, but the passwords come with the drawback that they are not as easy to remember as the Memorable option.
- FIPS-181 compliant This generator creates passwords that comply with the FIPS-181 standard, but in my experience tends to come up with passwords that are less secure for the same number of characters as the Memorable or Random generators.
When you select one of these options, the passwords will automatically be generated and the first one will be displayed in the Suggestions field from where you can right-click it to copy it wherever you would like. To select another suggestion, click the down arrow to the right of the suggestions field and a menu will appear with a number of alternative suggestions. If you would like to generate more passwords, just choose the More Suggestions option at the bottom of the menu.
If the passwords being generated are not as secure as you would like, then you can adjust the length of the password to make it stronger. The length slider will allow you to set the generated password length to between 8 and 31 characters, and in most cases a small increase by only a couple of characters is enough to greatly enhance the password's security.