Tip: Creating easy to remember passwords

Passwords are a pain in the butt, if you use a computer or the Internet then you no doubt have a list of passwords bouncing around in your skull or worse yet a single password that you use everywhere! Here is a simple technique for creating good, easy to remember passwords.

Password inputFirst off here are some golden rules for passwords:

  1. A password needs to be strong (see below)
  2. You should only use a password for one site or account
  3. You should never write a password down
  4. You should never tell anyone else your password (duh)

Of course all of us break these rules…

So what is a good password? A good password is one that is “strong” from a security point of view. Typically this means a string of 8 characters made up of numbers and letters. Additionally the password should not contain any “dictionary” words (e.g. a word you find in the dictionary) nor should it contain information relating to you, such as your name or date of birth.

On top of that, your password should not be a common one. Believe it or not, people tend to think just like you and so there is a whole raft of passwords that people tend to use such as qwerty, 7777777, bond007, butthead, trustno1. This list (from Twitter’s sign-up) page contains 370 common passwords which Twitter does not allow to be used. Needless to say, if one of your passwords is on this list then you should probably not use it :)

Here are 10 “strong” passwords generated using the excellent from pctools.com password generator.

ne3hebr4 fe5ec7ur
th55ucep 2rayaves
24astete 8hacruth
fathu4e7 5rubrast
tebra2ep 4awraph4

Now these passwords are all well and good but you are not likely to memorise them are you? Which means you will either write them down or you will just memorise one, which you would use everywhere. Once again breaking the rules.

So here is better way, which not only generates strong passwords, unique to each website but also makes them easy to remember !

First off choose 4 characters, a mix of letters and numbers (ideally more numbers then letters). These 4 characters are the only thing you will need to remember. For instance r085, which I will use in the examples below.

Next up, when you need a password for a website, take the first 4 characters of the website’s domain name and alternate them with the characters in your secret 4 character string, for example:

                f a c e
                   +      = fra0c8e5
                 r 0 8 5 

twitter.com     t w i t
                   +       = trw0i8t5
                 r 0 8 5 

gmail.com       g m a i
                   +       = grm0a8i5
                 r 0 8 5 

digg.com        d i g g
                   +       = dri0g8g5
                 r 0 8 5

And voila you get nice strong passwords, unique to every site !