Which password did I use for this website?
I use the same password for all my accounts.
I keep my passwords on a sticky note on my monitor or on a file in my computer.
These are common lines we hear from clients all the time. In today’s world, where the average person has 27 passwords to remember, keeping them straight is rather daunting. What is one to do to create a secure password that is also easy to remember?
Let’s step back first and look at why we want a secure password in the first place. Hackers today have a plethora of tools at their disposal to try to crack your password to a website; one of the most basic is a plain dictionary attack. They use a dictionary that consists of the top 10,000 most-used passwords, and yes, there are websites that track and create these lists.
Here is the top 10 from 2016

So how do I create a password that is strong but also fairly easy to remember? First, let’s start with the basics. Most websites accept a password made up of uppercase letters, lowercase letters, numbers, or special characters like _-%^&*. The best practice is to use 3 of the 4 types at a minimum with a length of at least 8 characters, but Password123 does not cut it. You want to create a password that makes a dictionary attack hard for a hacker, and here are two methods.

1.  Use a random sentence with some substitution of numbers for characters.
4WallsRBlue-1 or Beach1ife@30
While these are good, it is still not a good idea to use the same one for all your accounts. If one site gets compromised, a hacker could use this password on all your other websites. I would at least give your sensitive accounts, like online banking, a separate password. The next option allows you to have multiple passwords for different websites.
2.  Make a two-part password that consists of something you know and something on the website.
In this case, I will use Surfing@30 as the first part of my password and, let’s say, the first 3 letters of the site’s domain.
Surfing@30Yah  – Yahoo
Surfing@30Goo  – Google
Surfing@30Cra  – Craigslist
While these are two methods, they are not the only ones you can use. If you still need to keep your passwords written down, just make sure they are in a file that you can password protect, like an Excel or Word document. There are also a number of software packages/companies that will store your passwords, and a list of them can be found here: Password Managers
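
The basic rule above (at least 8 characters, 3 of the 4 character types) and the reason Password123 still does not cut it can be checked in a few lines of Python. This is an added example, not part of the original article; the short word list is a constructed stand-in for a real top-10,000 list, and the function names are illustrative.

```python
import re

# Constructed stand-in for a real common-password list (not the 2016 list
# the article refers to); a real check would load thousands of entries.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "welcome"}

# Undo the usual character swaps so "p@ssw0rd" compares equal to "password".
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "@": "a", "$": "s"})


def character_classes(password):
    """Count how many of the four types (upper, lower, digit, special) appear."""
    checks = (str.isupper, str.islower, str.isdigit, lambda c: not c.isalnum())
    return sum(any(check(c) for c in password) for check in checks)


def dictionary_root(password):
    """Return the common password this one is built on, or None."""
    lowered = password.lower()
    # Strip digits/symbols tacked on the ends: "password123" -> "password".
    stripped = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    for candidate in (lowered, stripped, stripped.translate(LEET)):
        if candidate in COMMON_PASSWORDS:
            return candidate
    return None


def evaluate(password):
    """Apply the rule: 8+ characters, 3 of 4 types, not built on a common password."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if character_classes(password) < 3:
        problems.append("fewer than 3 of the 4 character types")
    root = dictionary_root(password)
    if root:
        problems.append(f"built on common password '{root}'")
    return problems


if __name__ == "__main__":
    for pw in ("Password123", "4WallsRBlue-1", "Beach1ife@30", "qwerty"):
        print(f"{pw!r}: {evaluate(pw) or 'ok'}")
```

Password123 satisfies the length and character-type rule, yet it is flagged because removing the trailing digits leaves a word from the list.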




