6 Ways To Pick Better Passwords

Posted Jan 22, 2009 | by Rich Menga  

Everyone who uses the internet must use usernames and passwords, and that’s just the way it is. Whether it’s for email, instant messaging or any web site that has authentication of any type, passwords are par for the course.

Years ago most people would have only a handful of usernames and passwords to remember, but with the explosion of social media, online video/audio/photo/file storage and so on, many people have 15 or more.

The way most people get around this is to use the same username/password for all their accounts. This is stupid because if one system you use is compromised and your authentication information is found, all your stuff is then "in the open", so to speak.

In the list below I’ll cover how to choose passwords that are different for each account yet easy for you to remember.

1. Avoid repeating characters

Example: cccrazylikeafox

The "ccc" is the repeating set of characters. Don’t do this.

2. Use mixed case

Uppercase: CRAZYLIKEAFOX

Lowercase: crazylikeafox

Mixed case: CraZylIkeAfOX

3. Use mixed case letters and numbers

Example: 27CrAzylIkeAFox93

4. Use other characters (if allowed)

Example: 27-C_rA:zy>lIkeAF<ox9!3

Note: Some web sites don’t allow this (but they all should).

5. Let a password manager choose the password

Example: Use KeePass Password Safe

Example screen shot:

image

Yes, the above is a crazy password, but that’s the whole point. With 183-bit quality it would be extremely difficult for anyone to find out what it is.

And obviously you should use the password manager software to remember it for you – encrypted, of course.
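What "letting the software choose" amounts to, as an added Python example (not KeePass's code and not its quality estimator): draw every character from the operating system's secure random source and pick the length from the bit strength you want. The 128-bit target and the `SYMBOLS` set are assumptions made for the example, and the bits-per-character arithmetic holds only for randomly drawn passwords.

```python
import math
import secrets
import string

# Character classes from tips 2-4. SYMBOLS is a constructed sample set;
# trim it to whatever the site actually accepts.
LOWER, UPPER, DIGITS = string.ascii_lowercase, string.ascii_uppercase, string.digits
SYMBOLS = "!#$%&*+-:;<=>?@_"


def classes(allow_symbols=True):
    """Return the character classes the password may draw from."""
    return [LOWER, UPPER, DIGITS] + ([SYMBOLS] if allow_symbols else [])


def bits_per_char(cls):
    """Entropy of one uniformly random character from the combined pool."""
    return math.log2(sum(len(c) for c in cls))


def length_for(target_bits, cls):
    """Shortest length whose random-choice entropy reaches target_bits."""
    return math.ceil(target_bits / bits_per_char(cls))


def generate(target_bits=128, allow_symbols=True):
    """Random password sized for target_bits, with every class present."""
    cls = classes(allow_symbols)
    pool = "".join(cls)
    n = length_for(target_bits, cls)
    while True:
        # secrets uses the OS CSPRNG; random.choice is not suitable here.
        pw = "".join(secrets.choice(pool) for _ in range(n))
        # Redraw if a class is missing, since many sites insist on one of each.
        # At this length the redraw costs well under one bit.
        if all(any(ch in c for ch in pw) for c in cls):
            return pw


if __name__ == "__main__":
    for allow in (True, False):
        pw = generate(128, allow)
        print(f"symbols={allow}: {len(pw)} chars -> {pw}")
```

On a site that rejects symbols the same strength takes 22 characters instead of 21, so a restricted character set is made up for with one extra character.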

6. Use a random physical address

This actually does make for fairly good passwords.

Go to Google Maps, pick a town and state that you don’t live in (nor have you ever), type in a type of business and use its physical address as your password.

Example: I choose Boise, Idaho. I’ve never been there and have never set foot in that state. Then I type restaurant and find a place called Elmer’s. The physical address is 1385 S Capitol Blvd.

The password would be written as 1385SCapitolBlvdBoiseID.

According to KeePass Password Safe, this is a 114-bit quality password and well into the "green", which is pretty darned good. The fact it’s also 23 characters long and contains letters of mixed case and numbers also helps out quite a bit.


To note: You will remember this more easily than trying to come up with random words and phrases, because more often than not there are times you have to commit physical addresses to memory just trying to get to places – so this is nothing new to you.

I will note again that if you choose to go with this method, pick locations you’ve never been to.

Was there anything I missed concerning better passwords?

Feel free to chime in with a comment or two.


7 Responses to “6 Ways To Pick Better Passwords”

  1. Great article. I ALWAYS use goodpassword.com, it’s simple to use and can generate up to five passwords at a time for passwords up to 12 characters.

    I’d recommend using it if you don’t use KeePass (or similar) products already.

  2. Doctor Gonzo says:

    I use the original Password Safe, as touted by Bruce Schneier (http://passwordsafe.sourceforge.net/). I’ve never heard of KeePass Password Safe, so I can’t compare, but Password Safe works very well.

  3. Goacom says:

    The mixed case and the mixed case with letters and numbers is a good idea.

    I have been using different usernames and passwords for so long that I am out of wits how to remember them.

    Your post helped. I want to streamline my entire jargon soon.

  4. I think that it’s important that they change frequently. I also think it’s a good idea to rotate between 3 or 4 passwords.

  5. Gene says:

    What if your drive crashes and you lose the password manager software?

    • Mateo says:

      Hey Gene,
      KeePass is, like you said, the software. The passwords are actually all in one file which is password protected or file protected or both. Of course you need KeePass to open it, but you can always download KeePass or keep a copy of the file on a flash drive or on a different hard drive. The same with the file that contains your passwords, just keep a separate copy somewhere. I tend to name the password file by date so I know which is newer. As long as you are religious about keeping a back-up then you will never lose your list of passwords. And the biggest my file has ever gotten is like 20kb.

  6. Gertrude Kisitu says:

    Thanks to PCMECH with those good ideas, because with the six ways to pick better passwords, I have no trouble or problem in forming passwords.
