Password wrangling – Create a better password

Two Lifehacker posts are the inspiration for this article (this one about hacking your password and this one about checking how secure your password is).

We’ve all experienced it – that infuriating moment just a day or two after a password change when you realize that you’ve forgotten what you chose (although you’re certain that it was witty and brilliant).  In truth, there isn’t much that I can do for your lost passwords… but I can probably help you create *better* passwords that might be easier to remember.

The recommendations in the articles referenced above will help you understand what makes a password strong.  If you don’t like those, there are millions of other sites – try searching for “how to make a strong password”.  To summarize the common themes, anything that relates to you is bad (names, addresses, etc.).  Things that are random and not English are good (extra points for numbers and symbols).

You might be wondering “but then how do I remember it?”.  I’ve given this some thought in the past so I figured that I would share my secret.  Here is what I do:

1. Choose a completely random, absolutely impossible to guess phrase like “i ate a watermelon once while naked at the zoo”.  Make yourself laugh, be witty or stupid, but for gosh sakes pick something that you’ll remember!

2. Create an algorithm.  Be creative but not crazy – you’ll need to remember how you did this later to recover the password.  Here are some examples:

- take the first letter of each word in your phrase (iaawownatz)

- take all the vowels only (iaeaaeeooeieaeaeoo – with the current example phrase this would be bonkers)

- before each 3 letter word, count the letters, then add the 3 letter word, then count the letters until the next 3 letter word, etc (1ate27zoo – so much work for a rather lame password, but it shows how far you can take this)

Ok so that’s a fun guideline for creating crazy but not impossible passwords, but we are advised not to use the same password for each site, so how many phrases do you need?  Very few!  You could include the name of the site in your password phrase.  For example, if my phrase was “I’m a lover not a hater”, I could include the site name in there to make “I’m a [site] lover not a hater”.  My first letter password would be “ianlnah” for nytimes, but “iaclnah” for CNN and “iaglnah” for Gmail.  Not bad eh?
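The first-letter and vowel rules and the site-name variation described above, written out as an added Python example (not code from the original post). The function names and the `{site}` placeholder are assumptions made for the illustration; the last function counts how many characters actually change from one site's password to the next.

```python
import re

PHRASE = "i ate a watermelon once while naked at the zoo"  # phrase from step 1
TEMPLATE = "I'm a {site} lover not a hater"  # {site}: assumed marker for the site name


def words(phrase):
    """Lowercase, drop apostrophes so "I'm" stays one word, then split into words."""
    cleaned = phrase.lower().replace("'", "").replace("\u2019", "")
    return re.findall(r"[a-z0-9]+", cleaned)


def first_letters(phrase):
    """Rule 1: the first letter of each word."""
    return "".join(w[0] for w in words(phrase))


def vowels_only(phrase):
    """Rule 2: keep only the vowels, in order."""
    return "".join(c for c in phrase.lower() if c in "aeiou")


def site_password(template, site):
    """Insert the site name into the phrase, then apply the first-letter rule."""
    return first_letters(template.format(site=site))


def changed_characters(a, b):
    """Count positions where two derived passwords differ (extra length counts too)."""
    return sum(x != y for x, y in zip(a, b)) + abs(len(a) - len(b))


if __name__ == "__main__":
    print(first_letters(PHRASE))
    print(vowels_only(PHRASE))
    derived = {s: site_password(TEMPLATE, s) for s in ("nytimes", "CNN", "Gmail")}
    for site, pw in derived.items():
        print(f"{site:8} {pw}")
    # Only the site's initial varies between sites, so the phrase and the rule
    # are the real secret: anyone who sees one password knows most of the rest.
    diff = changed_characters(derived["nytimes"], derived["CNN"])
    print(f"{diff} of {len(derived['CNN'])} characters differ between sites")
```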

If you’ve followed along so far, at this point you have a unique, strange, password for every site in your life.  I recommend that you do yourself one last favor – create another pass phrase for the really sensitive sites, like banks.  The burden of protecting your data increases as the sensitivity increases – so a bank is obligated to do cartwheels to protect you, but isn’t (as much).  It makes sense to have at least two levels of security in your system.

Finally, for those who think the above solution is a waste of time, you could ignore all that and use a password management tool.  This is a place that saves all your passwords behind a master password.  I’ll leave it to you to decide which you believe is more secure – personally, I trust my way of remembering passwords far more than I trust any one company to hold my data – but that’s just my paranoia speaking…  If you want to try some out, take a look at LastPass or 1Password.

Enjoy creating your new passwords!


