Category Archives: NEWS

Getting Your Business in the SL Spotlight

by

Often I get  asked for tips from residents to get their businesses seen and get their brand marketed.  Events are definitely one of the many ways you can get your name out there…there are I’d say hundreds in Second Life now…ranging from home and garden, mesh body apparel, hair, and even just a bit of everything.  Many of these events run themed monthly events – where designers can apply to be included.  For each event a listed criteria will be provided on application pages where you can see if you’re business meets the requirements.  These events often get so popular its nearly impossible to get in without a teleport hammer HUD. Below is a list of event calendar and advertising pages with alot of public eye on them.  Seraphim features gallery pictures so you can “preshop”, which is awesome when you’re waiting to enter!

Seraphim – Hosted by a great group of people! / Lists ongoing events, major events and sales within the SL Community.

Second Life Event Calendar – Hosted by Sanura Snowpaw / To Submit Event: Apply Here

Hunt SL – Hosted by Rosamoo Mendlesohn & Xia Nishi / List of current hunts and submission to set up a hunt to be posted can be found on their blog.

Hunting SL – Hosted by Alianna Logan and Alon Alphaville / Second Life Fashion Feed as well as listing of events and hunts.

Here are some helpful tips for getting seen found via Second Life Wikipedia:

Appeal to humans, not search engines

Help people understand what you offer by providing useful, clear, and accurate descriptions that communicate what’s valuable and unique about your place, group, or event. Know your target audience and speak to their interests as specifically as possible. This helps you stand out from the crowd and helps new Residents become long-term members of our community and economy.

Be specific and descriptive

Avoid filling descriptions with nothing but a list of keywords. Use phrases and sentences that are human-readable. The search engine will return results for words that are based on the linguistic root of words in your description. This means that if you sell tango dance animations, your description does not need to include every version of the word dance (dances, dancing, and so on). Searches on the word dancing will include your listing in the results.

Note that a large portion of searches include more than one keyword (in fact, many searches are for phrases). Including relevant common phrases in your listing will increase its visibility.

For example, if you sell Jazz-age clothing and accessories, say so. If your location also looks like a speakeasy and hosts events, let people know.

Create a brand

Top merchants and events in Second Life are successful in part because they have created a unique feel around their product that helps people identify what’s especially valuable or appealing about their offering. Communicate the vibe of your store or group through its name, imagery, and targeted descriptions.

For more info on advertising opportunities, check out How to market your products and see the Classifieds FAQVisit the Business and Marketing wiki portal for more tips on starting a Second Life business or bringing your business into Second Life.

Maturity ratings matter

Be sure to mark your listing with the maturity rating appropriate to the content and location. Listings that are not marked appropriately will miss their target audience and may be blocked from search results. See Maturity ratings for more info. Note that all searches on secondlife.com return only  General results.

Stay current

Second Life is a changing world, and Resident search behavior changes too. Based on our monitoring of user behavior and satisfaction, we continually update our relevance and rank algorithms to serve the broadest user base possible. New releases to Search will be announced in advance, whenever possible, on the Second Life Blog Technology channel. As user behavior changes, so too should listing strategies change — ask your customers what drew them to your listing, and learn from others you admire.

Technical guidelines

Check Show in Search

Click the Show in Search check box to include your listing in the search index. This option is available on places, profiles, groups, and objects. If it is not checked, search results will not return these items. Events are automatically included in the search index. Note that items in the Search index are also available to be viewed on the web and may be indexed by web search engines like Google, Bing, or Yahoo!

Note: None of your personal information is available on the web unless you write that information in your listing descriptions.

Some tips

  • Spelling and grammar matter. Avoid using non-traditional spellings. Also, be sure you’ve got the correct spelling. Avoid over-use of capital letters or symbol characters.
  • Internationalize. Second Life is an international community in which many languages are spoken. If you are targeting non-English speakers, be sure to use their language in your listing name and descriptions.
  • Indexing. Updates are usually available within 6 hours.
  • Parcels. Take care when changing parcel boundaries. A variety of parcel data is used in calculating search rank, and changing the boundaries of your land parcel can cause that data to be reset or lost. When joining two parcels, the larger parcel keeps much of the parcel data.

Frequently asked questions about search rankings

Relevance and rank: what are they?

Linden Lab monitors and fine-tunes a wide variety of Second Life-specific data signals to weigh the relevance of listings for each search request. We first determine if a listing is relevant to a particular search query; we then determine the importance of that listing relative to other relevant results. Searchers can refine their results with filters or sorting features.

To create the best search tool for everyone, we are constantly improving the relevance and rank algorithms. Following the guidelines, policies, and tips in this document will help you create effective listings that reach your target audience.

Why did my listing move in the search results?

Search leverages advanced statistical regression of many different measures to determine the statistical significance of user behavior.  Put more simply, search changes over time as people use Second Life and we gather information about what they are doing.

How do I boost my ranking in search results?

Read the guidelines above. These guidelines are the best resource for improving your visibility in search.

What is traffic and what role does it play in search rankings?

About_Land.png

Traffic is a numerical metric calculated for every parcel of land inworld. This score can be summarized as the cumulative minutes spent on the parcel by all visitors to the parcel within the previous day. (The value shown in About Land is based on data gathered from midnight to 11:59 PM, Pacific Time.) It is calculated by taking the total seconds spent on the parcel, dividing by 60, and rounding to the nearest whole minute. For example, if your parcel has a cumulative seconds total of 121s over the course of a day, the traffic score is 2.

Traffic has a mild influence on the relevance of search results. It’s one of many factors included in the search logic.

To see the traffic score for a parcel, right-click on the ground in the parcel and choose About Land; or choose World > Place Profile > About Land. The General tab shows the traffic score for each parcel.

If I have zero traffic, do I drop from search results?

No. This rumor is not true. The amount of traffic (that is, the number of avatars on your parcel over time) has a small effect on search ranking, but it will not cause you to drop from search results altogether.

How does size affect search rankings?

Search treats very small parcels, especially parcels that are smaller than the 128 meter size restriction allows, as less important.  For more information about  land parcels in search, see Search FAQ.

How else is ranking determined?

In addition to traffic, size, and many more ranking mechanisms, we also apply a small negative boost related to how spammy a listing seems to be. We determine this using software that evaluates content and gives it a rating. This spam ranking is viewable on the source code of your world page listing, and there are several inworld merchants with free objects that tell you if your parcel has been flagged for spam. Adjusting the title and description text associated with your parcel affects your spam rating, and that new rating is picked up in the next update.

Are inworld business owners subject to a periodic re-shuffling of search criteria?

Search is a very important tool for users and business owners, and we constantly strive to improve that tool to meet all our Residents’ needs. We release periodic updates, new features, and bug fixes that may affect the performance of particular listings in the search results. Whenever possible, we communicate about these releases in advance on the Second Life blog.

Do classifieds that have paid more for inclusion always appear at the top of results?

Ads shown in both the Classifieds tab and on the right of all search results pages are ranked by a combination of keyword relevance and price paid.

Linden Lab Exciting Improvements to SL & Fee Updates to Enable Even More

by

Linden Lab recently announced some spectacular changes and improvements int he works for all of the Second Life community.  I’ve recently seen alot of also negative posting about the Credit Processing Fees, unfortunately good things cost money.  In the end of things, the new rules and laws/regulations are in place to protect from money laundering and lining the pockets of not so good people.  I remember the days when it took well over a week to even process a credit, if I process a credit today – I have the funds next day via paypal…and 24 hrs later in my bank account.  Now – granted if I cash out on a Friday – I do have to wait til Monday, but still a significant improvement from past for sure! To protect the MANY good ones – sometimes we have to sacrifice a little for ultimate end game.  I personally and looking forward to the new Animesh features – this is a game changer guys! This feature will enable creators to use skeletal animations with non-avatar objects – like wild animals, pets, vehicles, and scenery objects

Entry posted by Linden Lab · 

As we recently announced, we’re making multi-million dollar investments in Second Life that will benefit Residents in the near and long term, while also ensuring that the virtual world’s bright future ahead is even more awesome than its 14+ year history has been. Exciting times!

Today, we want to update the Resident community on some of the initiatives funded by those investments, and also announce two fee changes that will enable us to invest in even more Second Life improvements in the future.

Updates to LindeX and Credit Processing Fees

Second Life’s vibrant Linden Dollar economy and the ability to process credits has a very real impact on the lives of many around the world. Residents have built extremely successful businesses in Second Life, charitable organizations have raised millions of dollars for important causes, and a great many creators earn enough L$’s to fund their hobbies and shopping habits.

Underlying SL’s user-to-user economy and the ability to buy and sell L$’s for real currency is a significant amount of ongoing work to ensure that everything remains compliant with applicable laws and regulations, while also preventing fraud and money laundering. This work comes at a cost, and we are adjusting related fees in order to help cover those costs and enable us to continue to invest in Second Life’s future. The changes are as follows:

  • Effective today, the fee for buying L$ on the LindeX will be $0.99 per transaction (previously it had been $0.60 per transaction). These changes impact only buys on the LindeX, and the fees associated with buying L$’s during SL Marketplace transactions remain unchanged.
  • On January 3, 2018, the fee for processing credit transactions (i.e. paying real money into a PayPal or Skrill account) will be 2.5% per transaction, with a $3 (USD) minimum, and no maximum. This fee is currently 1.5% per transaction, with a $3 (USD) minimum and a $25 (USD) maximum.

New & Upcoming Improvements to Second Life

We’re investing across a number of areas for SL, including new features, engineering support, customer support, billing systems and upgrades, and customer acquisition outreach. Some of these will be long-term initiatives, but here are a few updates on some of the improvements you can enjoy right now (or very soon!):

More fun, for everyone in SL. We introduced SL’s first grid-wide game Tyrah & the Curse of the Magical Glytches, giving all Residents a new experience to enjoy throughout SL. The game is designed to encourage a grid-wide level of participation and exploration, and already it’s been played by nearly 5,000 Residents. Very soon, we will enable Resident-owned locations to host portions of the game, and we will announce those details when ready.

New creative tools. We recently released Animesh in beta, enabling creators to use skeletal animations with non-avatar objects – like wild animals, pets, vehicles, and scenery objects. Coming soon is EEP!  (Environmental Enhancements Project), a series of extensions to Windlight that enable you to trade or sell your own environment settings. EEP will also allow Parcel-based environment settings and an extended day cycle too!

More value for Premiums subscribers. In the coming weeks, we’ll be rolling out a new perk for Premium subscribers (hint: it’s a feature that’ll be helpful for merchants and shoppers…).

More customers for your businesses. We’re making changes to help get new users active in the SL economy more quickly and easily. The sooner a new user has L$ in her wallet and understands how to use them, the sooner she can become a customer for every business owner in SL, and so we’re working to streamline user flows and update tutorials to make that happen.

New ways to stop the bad guys. Unfortunately, it’s not uncommon for successful platforms to attract cheaters and bad actors. Some of these villains attempt to hurt Residents’ businesses by bypassing creator protections in SL, and we’re continually developing new tools and techniques to combat this. Recently, we closed an exploit that fraudulent gacha re-sellers had used. Our governance team can now catch them when they attempt the cheating method that we have already fixed. Many bad actors have already been banned from SL, and additional changes will soon make our team even more effective. Protecting your creations and your SL businesses is important to us!

We continue to make progress in the massive upgrade to SL infrastructure and move to the cloud (we call this project Brave New World). This move will (among many other things), help make SL more performant for Residents around the world, and may also enable us to introduce new products and more flexible pricing in the future.

We continue on our mission of only sending email to verified addresses (more here). Missing IMs lately? To never miss an offline IM again, log in to your account on the web, click on “Account,” then “Change Email Settings,” and then simply click “Verify” next to your current address.

Much more to come!

Of course, we’re working on improvements to the SL Viewer, Simulator (servers), and Web properties all the time, and there’s more than we can fit into a single blog post.  As we forge ahead you can keep up with the latest developments with the release notes we post to the forums:

 

12 Windows 10 Features You Didn’t Know About

by

 

In this blog I want to do something a bit different and give windows 10 tips. Although not much to do with second life, if your computer is not working correctly your second life will not either.

Windows 10 has been on the market since July 29, 2015, and tens of millions are using it. Yet there are still many new and useful features in Windows 10 that most people don’t know about. Here are 12 of the most useful, interesting, or at least amusing ones…

Twelve Lesser-Known Features of Windows 10

(1) The “Contact Support” app is new in Windows 10. You can open a text chat session with a Microsoft “Answer Tech” if you need help. There’s also an option to supply your phone number and have a tech support person call you at a time you specify. To open the app, type Support in the search box and click on the result. (You must be signed in to a Microsoft account.)

(2) Scrolling in inactive windows: In past Windows versions, only the active (current) window could be scrolled using the mouse wheel. In Win 10, you can scroll in any open window. Just move the mouse cursor over the window, and you can scroll using the mouse wheel, without clicking inside the window first. On my Windows 7 system, scrolling in inactive windows does work. Perhaps that because I have a Logitech M510 mouse with that functionality built into the driver software. Or maybe I’m just special. But in Windows 10, all mice are equal, at least when it comes to scrolling. If you don’t have Windows 10, and you can’t scroll inactive windows, you can use WizMouse to get the same effect.

(3) File Explorer now opens with a “Quick access” view, showing a list of commonly-used and frequently-visited folders, and a list of recently opened files. You can also navigate to a folder, then select the Home tab and click “Pin to Quick access” to make that folder appear in the Quick access list.

(4) Print to PDF: a native printer driver that converts documents to PDF files has been added to Windows 10. When printing from any Windows app, select “Microsoft Print to PDF” as the printer name. Instead of committing your masterpiece to paper, it will be saved as a PDF file.

(5) The Command Prompt has been upgraded with new features in Win 10. The window can be dynamically resized, and copying and pasting to or from a Command Prompt is now much easier; the standard key combinations Ctrl-C and Ctrl-V actually work! Also, text can be made to wrap when a Command Prompt window is resized, instead of vanishing under an edge of the window. Many other Command Prompt enhancements are detailed in this Microsoft blog post.

Control and Customization

(6) Windows Update runs on auto-pilot in Windows 10, but you do have some new controls. The Professional, Enterprise, and Education editions of Windows 10 have an option called “Defer upgrades.” When you defer upgrades, new Windows features won’t be downloaded or installed for several months. Security updates will still be applied. From the Start button, type “windows update settings” and press Enter. Then click the “Advanced options” link to see the Windows Update settings. (This feature is not available in the Windows 10 Home Edition.) You can also schedule a required restart for a time that’s convenient for you.

(7) “Sideloading” apps: in Windows 8, Microsoft allowed only apps from its Windows Store to be installed. This move mimicked Apple, which allows only Apple Store apps on its devices. Security is the reason for this restriction, but the general population of Windows users doesn’t want to be deprived of all the good, perfectly safe apps written by third-parties. So in Win 10, you can “sideload” apps – that is, load them from a source other than the Windows Store. But you have to enable this feature. Go to Settings > Update & security > For developers. Then click the button next to “sideload apps.” A warning about dangers of sideloading will appear and you’ll be asked to confirm that you wish to enable sideloading; answer “yes” and it’s done. My advice is to turn this feature off again, after loading the desired app.

(8) Stylish Desktops: You can now customize the look of your desktop better than ever. Go to Start > Settings > Personalization > Colors. Choose “Show color on taskbar and Start Menu.” You can pick the color from a palette, or let Windows choose a color from your background photo to display under icons of open apps. You can also remove the translucent property of the Start Menu.

(9) Monitor Apps’ Disk Space Usage: Windows 10 will now tell and show you what apps are using the most disk space, a boon if you are short of free bytes and want to manage space carefully. Go to Settings > System > Storage. A list of drives connected to your computer will appear. Click on one of them to see how much space each app and its data are consuming on that drive. Note that you can also change the folders in which files of different kinds are saved.

New Features in the Fall Creators Update

(10) My People: My People is a new feature in the Windows 10 Fall Creators Update that started rolling out on October 17, 2017. It lets you pin up to three contacts to the task bar at the bottom of your screen. Click one of those icons, and a Skype messaging window will open. (You can use Mail, or a different messaging app from the Windows Store if you prefer.) You can also drag and drop pictures onto a contact to quickly share them.

(11) Ransomware Protection: Another piece of the Windows 10 Fall Creators Update is Controlled Folder Access, which prevents ransomware from accessing your important files. This works by locking certain folders so that only authorized apps can access them. By default, Controlled Folder Access protects your Documents, Pictures, Music, Videos, Favorites and Desktop folders. You can add additional folders to protect, and specify your own trusted apps. Access the Windows Defender Security Center to tweak those settings.

(12) Emoji! We’ve gotten used to having those little icons when texting on our mobile devices, but now there’s a handy emoji keyboard built into Windows 10. When your cursor is in a text field, press WIN+. (the Windows key and the period key) to pop up a selection of smiley-faces, hearts, food, and other icons that you can paste into your messages. You’ll need the Fall Creators Update to get your emoji on.

One-Stop Shopping For Windows 10 Tweaks

(BONUS) GodMode is not an official feature, and it doesn’t actually give you super powers. But it is a useful hack put together by an overworked and underappreciated system administrator long, long ago. Yes, GodMode has been available in earlier versions of Windows, and its fans are delighted to see it still works in Windows 10. GodMode provides a unified, categorized view of all of Windows’ farflung features, commands, settings, and functions, all in one place that you can open with a single click.

Think of it as Control Panel, Unlimited. To activate GodMode, right-click on your desktop, select New > Folder to create a new empty folder on your desktop. Then copy this string of characters below to your clipboard: GodMode.{ED7BA470-8E54-465E-825C-99712043E01C} Right-click on the new folder and select “Rename.” Paste the string into the space for the folder’s name and press Enter. Now, whenever you open that folder, up will pop the monster menu of options that is GodMode. You can change “GodMode” to whatever you like; one person I know uses “DeuceMode.” Just don’t lose that period that follows the name and precedes the cryptic string of characters!

Don’t forget Zoha Islands 10 year anniversary SALE Going On Now! Please contact a sales agent for more details, see how you can get 20% off additional land. This sale won’t last long so NOW is the time to take advantage!!!

Have a great week

Deuce Marjeta

and the Zi Staff

ZoHa Islands 10 Year Customer Appreciation SALE & Celebration Starting October 27th!!

by

As many of you know ZoHa Islands is celebrating its tenth year in business with a celebration on October 27th from 1 PM SLT to 11 PM SLT with 10 live performers and a plethora of wonderful raffles and prizes to win! More info about the event can be found here. There will be a prize given each hour for TEN hours straight!

ADDITIONAL LAND SALE!!  SALE!! SALE!!

Starting October 27th, we will be holding a land sale that will benefit all existing ZoHa Customers seeking extra prim!

Additional Full Prim region parcels and sims will be 20% off list prices.
Additional Homestead region parcels and sims will be 10% off list prices.

This sale includes 20% off full prim sim land – this includes 20k (15995L/week with 20% discount) and 30k (17595L/week with 20% discount) prim sim regions AND PARCELS.

Homestead region parcels and sims will be 10% off list prices.  This means Homestead sims for 6925L/week!

Have a friend to refer?
Refer a friend and have them speak to an agent today!

Are you wanting to return to ZI after a nice long summer away in RL?
2 weeks down gets you the same deal. Come on over and speak to an agent today!

New to ZoHa Completely?
Speak to an agent today!

Please find a list of standard pricing here that discounts maybe applied to.

ATTENTION:
Speak to a sales agent BEFORE buying your additional land to get this promo!

 

Time to Switch From Yahoo to Gmail?

by

Yahoo’s new owner, Verizon, recently revealed that all 3 billion Yahoo accounts have been compromised, greatly upping the admission of damage that Yahoo made before its sale to the telecom giant. So if you have a Yahoo account, it’s time to find another email service provider that will better protect your email privacy and security, and yes if you tied your yahoo account to secondlife then that was also compromised. Here’s my advice on how to switch to Gmail…

Moving Yahoo Mail to Gmail

If you have not changed your Yahoo password recently, it is 100% certain that hackers have the keys to it. Not Good. The recent revelation that hackers were able to compromise all of Yahoo’s THREE BILLION accounts is mind-blowing. It’s time to leave Yahoo Mail in the digital dustbin of history, and move to a new webmail provider.

You may be loathe to leave your contacts and emails behind. But don’t worry, you can take them with you! Google’s Gmail (my preferred email service for 12+ years) makes the process of importing contacts and mail from Yahoo (and other services) as simple as it can be. That isn’t exactly “dead simple,” but most users should be able to do it in just a few minutes.

The first thing you should do is change your Yahoo password to something extremely strong. Also, enable two-factor authentication if you haven’t already done so. With these changes, hackers would need both your password and your phone to get into your Yahoo account.

You want to keep control of your Yahoo account, even if you don’t actively use it. The reason is that abandoned account names are recycled by Yahoo. A bad guy could appropriate your old Yahoo handle and impersonate you. So don’t delete your Yahoo account, just lock it up for now.

 You should also disconnect any external services that are connected to your Yahoo account. To do this, from your Yahoo inbox page, click on the gear icon (upper-right), then on Settings. Click on Accounts to see all of the email accounts, social networks, cloud services, and other services connected to your Yahoo account. Go down the list and disconnect each one. This will eliminate your Yahoo account as a bad guy’s conduit to your other accounts.

Finally, if you have been using your Yahoo password on any other services, change those passwords. And stop re-using passwords — every account should have its own, unique, and strong password.

First, create a Google account if you don’t already have one. You can sign up here.

Just like Yahoo’s inbox page, the Gmail inbox page has a gear icon in the upper-right corner. Click on it and then click Settings. Next, click Accounts and Import, then click Import Mail and Contacts. Enter your Yahoo address (include the @yahoo.com part), press Continue, then click Agree to give the app permission to access your Yahoo account.

Next, select the import options you want: import contacts, import existing mail, and/or import new Yahoo mail for the next 30 days. Finally, click Start Import.

It may take a couple of days for Google to import all of your Yahoo mail, if your Yahoo inbox is very full. Another consideration is that Google only imports the mail that’s in your inbox, not drafts, sent email, or email saved in other folders. To import such items, you will need to manually move them to your Yahoo inbox, then let Google import them. To check the status of your import, look under Settings > Accounts and Import.

Google assigns a label to each imported email; it is your Yahoo username. If you want to recreate the folders you had on Yahoo, you can import what’s in your Yahoo inbox, then delete the Yahoo inbox’s contents. Rename the new Gmail label to Yahoo-Inbox. Move the next folder’s contents to the Yahoo inbox and import to Google again. Rename the Gmail label to match the Yahoo folder name, and repeat for each folder. It’s tedious, but it works.

Are you still using Yahoo Mail? Do you have a plan to switch to Gmail or another webmail service?It’s time to really rethink your options before it’s too late.

Don’t forget our 10th year Customer appreciation party coming up, there will be 10 hours of live music,fun and prizes don’t miss out be there!

Have a great week

Deuce Marjeta and the ZI Staff.

Here’s Why Your Password is Hackable

by

Over the past two decades, password rules have become more complicated and burdensome upon users. Users have coped with arbitrary, byzantine password rules by creating the most easily remembered passwords that comply with the rules, changing them when required in minor, predictable ways, and reusing compliant passwords on multiple online accounts. The results include lots of frustration and LESS security. Here’s how to do it right…

Everything You Know About Passwords is Wrong

A typical site now requires you to create a password at least 8 characters long that includes at least three or four types of characters: upper-case, lower-case, numeral, and special characters such as !, @, #, etc. In most cases, the resulting password is exactly 8 characters long, begins with an upper-case character, and ends with an exclamation point or the numeral “1.” Often it’s a recognizable name associated with the user, such as a child’s or pet’s name. If a password needs to be changed, it’s often only the last character that’s changed, and in a predictable fashion, i. e., “1” becomes “2,” “!” becomes “@,” etc.

Hackers know these official rules, and the de facto rules that users have created to comply with the least effort. They have hundred of billions of stolen passwords from which to figure out the rules, and they incorporate the rules in password-cracking software to make it more efficient. They also have massive computing power that can try billions of possible passwords per hour. The upshot is that most passwords actually in use can be cracked in a matter of hours.

One solution to human predictability is password-generating software that produces longer, more random passwords, and password-management software that remembers what site a password goes with. These functions may be combined in one software package, such as Roboform, Dashlane or LastPass.

But many sites deliberately thwart the use of password managers, either by forcing users to enter usernames and passwords on two separate screens or by adding code that blocks auto-filling of passwords. Apparently, the admins of such sites think a password encrypted and stored on a hard drive is as insecure as one written on a Post-It Note.

Another solution to remembering strong passwords is mnemonic – a sentence that’s easily remembered because it makes grammatical sense, and which contains the characters of a password that can be extracted by applying a simple rule. For instance, a password might be the first letters of the sentence, “My horse knows how to use 2 pink staple guns.” In fact, that whole sentence would make a virtually impenetrable password, if the official rules allowed spaces.

This geeky cartoon from XKCD.com illustrates the difference between passwords as they are and as they could be, if sysadmins allowed it. Following the official rules results in a password that’s easily cracked in 3 days, while the phrase, “correct horse battery staple” takes 550 years, far longer than any hacker cares to spend.

What About Those Password Strength Meters?

Research has found that users will create stronger passwords if they receive feedback about password strength as they create a password. But so-called “strength meters” often measure only compliance with rules instead of statistical strength, according to researchers at Carnegie-Mellon University. The CMU geeks have created a strength meter that uses a powerful neural network to calculate the true strength of a hypothetical password on the spot, and even explains what’s wrong with your password creation strategy. The rules they recommend are:

  • At least 12 characters per password
  • Capitalized and special characters in the middle of the password, not at ends
  • No names associated with pets or sports teams
  • No song lyrics
  • Avoid the word “love” in any language
  • Avoid patterns such as “123,” including keyboard patterns (“qwertyasdfg”)

I advise using a password generator/manager wherever possible. They’re getting better at circumventing the security-limiting roadblocks that some website owners think are important. If you prefer not to use password software, a memorable phrase is the next best thing. In the past, I’ve used the first sentence from the first paragraph of a certain page in an old book. For example, on page 67 of “The Autobiography of Benjamin Franklin,” I found the phrase “There are Croakers in every country.” It’s memorable, and it makes for a strong password. Or as mentioned above, you can apply a formula of your choosing to such a phrase.

What’s your password strategy? Do you use a password manager, a sticky note, or keep it in your head?

Have A Great Week

Deuce Marjeta and the ZI Team