As we are all told every time we are setting up an online account somewhere, it’s important that you choose a strong password for a number of reasons. The first is to avoid a hacker guessing your password through brute-force or what is often called “dictionary” hacking. That’s exactly what it sounds like – a hacker runs through a “dictionary” of common words until one works. Since hackers are using automated scripts, they can literally try thousands of passwords per hour. The secondary danger is using the same password across multiple sites. If a hacker gets that common password, he or she can now access anything you have using the same password. Here is a simple and easy to remember technique that creates individualized and strong passwords for any website or service.
1. Start with a “mnemonic” root password.
Mnemonic is just a 75 cent word (adjusted for inflation) that simply means “easy to remember”. OK that’s not the dictionary definition but close enough for our purposes. We are not trying to remember multiple passwords, we just want to be able to easily remember this root password. We’ll get into why I call it a “root” password in the next step. What really works for me is to take a memorable line from a song, book or movie, and take the first letter of each word and string them together. So for example, “All You Need is Love” becomes “aYniL” Capitalize a couple of the letters. This is a good start, but most sites and services require at least 8 characters. Again drawing on stuff you won’t forget, split your birth year to each end of the string. So now I have “19aYniL63”. But wait, there’s more! Quite often your password needs to contain “special characters”. Those are the ones we usually use for swearing online. So I add a couple of those, again to each end: “@19aYniL63#”. Yay! We have a relatively strong root password, that you’ll find easy to memorize. But we don’t want to use this as an actual password anywhere. Using the exact same password on multiple sites is nearly as bad as a weak password. On to step 2.
2. Create a consistent “Password Formula”.
Next we are going to devise a “password formula” that we use to make our root password unique for every site where a password is needed. The simplest formula is to simply add the first two characters of the website to the front of the root password, and the last two characters to the end of the root password. Use at least two characters to minimize any password duplication between sites with similar names. So to use our example root password for facebook, it would become “fa@19aYniL63#ok”. There we go – a 15 character, very strong password that looks like random characters, but will be easy for you to remember simply by memorizing the root password, and always applying the same formula to build the full password. You can devise whatever formula you want, but it’s vital that you consistently use the same formula.
3. DO NOT tell anyone your root password or formula.
And that’s all there is to it. You’ll have passwords that every paranoid security administrator will love, and an easy method to build those passwords and later recall them with little effort.