One of the most frustrating aspects of being on the Internet is managing your passwords. Just when you think you have a great password, one of your sites asks you to change it. Even worse, web sites differ greatly in their standards for how “strong” your password should be. The strength of the password defines how hard it would be for an outsider to guess it. In general, the longer the password the stronger it is. However, there are other factors like mixing lower and upper case letters and including numbers. Some sites even require non alpha-numerics like punctuation. The net effect of all of this is that you may end up with many passwords for many sites! How can you be expected to remember all of this?
Strong and Easy to Remember Passwords
Fortunately, there are some techniques that can make managing passwords a little easier. The first step is making a good choice of password. Here are some things you can do:
- Make your passwords a combination of two words you can remember. For example, the name of your two kids. If your kids are Jack and Jill you can start with jackjill. This will help you meet the minimum length requirement for a strong password and so will reduce the number of passwords you need to manage.
- Capitalize some letters. For example, change the last password to JackJill.
- Change a couple of letters to digits. This is usually required by most web sites. Come up with a consistent replacement of certain letters with numbers. For the last example, you can convert it to J8ckJ7ll. Now you’ve met the strength requirement of most systems.
- To make it harder to guess, tack on something unrelated. For example, the last two years of your birthday. Let’s say you were born in 1980, then the password would become J8ckJ7ll80.
- Some obnoxious systems require you to add punctuation, so you might want to throw an exclamation somewhere in this sequence. For example, toss it at the end to get J8ckJ7ll80!
Safely Storing Passwords
Unfortunately, many systems require you to change your password on a regular basis. Even worse, these systems may not allow you to use old passwords. At this stage, even if you have a good system for memorizing passwords – as in the previous section – you will soon be put in a situation where you cannot have a few universal passwords. No matter how hard you try, password proliferation will probably be in the cards for you.
So what do you do? Here are some tricks for storing your password:
- Do NOT put it on a post-it on your monitor. Security intruders know that monitors and desktops are a great place to easily find passwords. In general you should NOT store your password in a location that is not secure.
- If you do have to write it down, do not write down the entire password. Instead, just write down enough to help you remember the full password.
Let’s say you started with the password from the last section “J8ckJ7ll80!” but a system made you change the password. Perhaps what you can do is change the 80 (your birthday) to maybe the year of your wedding (2001) to create a new password “J8ckJ7ll01!” Of course, this password is now an exception so it may be hard to remember. So you might want to write down a hint that is stored in a SECURE location. Your hint might be something like “kids/wedding.” Something cryptic like “kdswdg” is even better.
Password management is frustrating and dangerous. Starting small systems as described here is a good way to keep your personal data, finances, and even physical possessions safe.
