How to Create a Secure Password

Users are hugely important on a Linux system. We’ll look at how to create a new user, and how and when to use super user privileges, to help make sure that our Linux use is safe.

Creating a New User

The first thing we’re going to do is create a new user account for ourselves. Running Linux as the root user is really dangerous, as any small mistake can potentially be catastrophic for the whole system. For this reason it’s best to create a new user account and use that when using the system, and only use root user privileges when absolutely necessary.

First of all, decide what you want your login name to be. Usually, it’s your first name, perhaps with the first initial of your surname. Don’t start with a number, don’t use spaces or control characters, and it’s best to use all lower case letters. Also, keep it down to no more than eight characters in length.

So, if you’re Bill Gates, you might want your Linux login to be billg – or just bill. This is fine as a login, but down the line it might be useful if the user could be identified from a better description. Fortunately, Linux allows us to specify the full name with the user account. To add Bill to the computer, we’d do this:

$ useradd -c "Bill Gates" billg

The quotes keep the two-word name together as the single argument to -c. You can use this command to go ahead and create your account now; simply substitute your own name for Bill Gates, and your own choice of login name for billg. For Windows users, note the convention of the $ sign. This just means that you are at the Linux command prompt, and should type what comes after the $ and hit enter.

Creating a Secure Password

Now you need to choose a password. If you’re using a public server then you really need to take this seriously. You must choose a safe password or you’re leaving yourself vulnerable to hacker attacks. Hackers could potentially take down your website, your entire server, or worse, compromise sensitive data.

The best passwords are a combination of letters in upper and lower case, include numbers, and also symbols. They must not include dictionary words, names, or birthdates – at least not whole. Most people balk at this and wonder how they can ever come up with a password that they’ll remember. There are two possibilities. With the first, the secret is to choose a phrase that will serve as a mnemonic, and build the password from that. Here are some examples.

Password       Mnemonic
Mff?Noyb!      My favourite food? None of your business!
Iu2*l*VH       I used 2 *love* Van Halen
R1:UUClcs&n    Rule 1: Use Upper Case lower case symbols & numbers

Obviously the mnemonic will be personal to you. Notice that the words in the mnemonic indicate whether the password letter should be upper or lower case.

The second method involves interleaving two separate phrases or number sequences. This can be a little less secure, so be careful using it. But for instance, take a name, say Van Halen, and one of their album titles, OU812. The principle is that the two phrases are woven together, like this:


At first glance, this looks like gibberish, and is pretty tough to guess. However, you will need to choose two good phrases that you can remember, and make sure that they are distinct in some way. One should be letters, the other numbers, and introduce a symbol where possible as in the example, where the underscore has been used for the space, and a question mark has been added to the question OU812 (Oh you ate one too?).

So now you’ve chosen your password, you can add it to your account using the passwd command. For our user billg, we’d do the following:

$ passwd billg

When you enter this command, you’ll be prompted to enter the password. Type it in carefully, and be warned that you won’t see the characters on screen as you type them in. You’ll need to repeat the password to verify that you have entered it correctly. If all has gone well, you’ll be returned to the command prompt.

You should now log out of the system as root user, and in future log in only to your new user account. To do this, go through the login process but now substitute your new user name for root, and enter your newly created password when prompted.
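
The login-name and password rules above can be checked before running useradd and passwd. The script below is an added example, not part of the original article. The function names, the sample word list, and the strict reading of the login rule (lower-case letters and digits only) are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not from the article): pre-checks for useradd/passwd.
LC_ALL=C; export LC_ALL   # make [a-z] mean ASCII lower case only

# Login rule: starts with a lower-case letter, then lower-case letters or
# digits only (assumed reading of "best to use all lower case"), max 8 chars.
valid_login() {
    name=$1
    [ -n "$name" ] && [ "${#name}" -le 8 ] || return 1
    case $name in
        [!a-z]*) return 1 ;;       # starts with a digit, upper case or symbol
        *[!a-z0-9]*) return 1 ;;   # space, control character, upper case
    esac
    return 0
}

# Constructed sample word list; substitute a real dictionary and name list.
WORDS="password linux halen gates bill"

# Prints the rules a candidate password breaks; prints nothing if it passes.
password_problems() {
    pw=$1
    problems=""
    case $pw in *[A-Z]*) ;; *) problems="$problems no-upper" ;; esac
    case $pw in *[a-z]*) ;; *) problems="$problems no-lower" ;; esac
    case $pw in *[0-9]*) ;; *) problems="$problems no-digit" ;; esac
    case $pw in *[!A-Za-z0-9]*) ;; *) problems="$problems no-symbol" ;; esac
    lower=$(printf '%s' "$pw" | tr 'A-Z' 'a-z')
    for w in $WORDS; do            # whole word or name embedded anywhere
        case $lower in *"$w"*) problems="$problems contains-word:$w" ;; esac
    done
    printf '%s' "${problems# }"
}

# Prints (does not run) the article's two commands for a name that passes.
show_commands() {
    login=$1; fullname=$2
    valid_login "$login" || { echo "bad login name: $login" >&2; return 1; }
    printf 'useradd -c "%s" %s\npasswd %s\n' "$fullname" "$login" "$login"
}

show_commands billg "Bill Gates"
# One password from the table above and one constructed weak candidate.
for candidate in 'R1:UUClcs&n' 'VanHalen1!'; do
    echo "$candidate -> $(password_problems "$candidate")"
done
```

For a real password, read the candidate from a prompt inside the script rather than typing it as a command-line argument, where it would be saved in shell history.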