How do you create a really good secure password that you can remember? These days sites require very complicated and long passwords. I remember years ago reading an article about a test of a 2,000 user password file that was put up against a password cracking program. None of the passwords was modified prior to the test, but they did add one. The added password contained numbers, letters and a symbol.
Before the end of the first day the program had figured out all the passwords except the one that had been added. The lesson learned? The addition of a symbol makes the password much harder to break.
The preceding is good to know but how is that applied in today's environment? How can anyone be expected to keep track of 50 plus passwords that need to be complicated? You don't want to have to write them all down in a book and carry it around with you. What if you lose your book? Or someone you don't trust reads it? There are programs that keep them but they can be inconvenient and insecure.
I literally have hundreds of passwords to keep track of. They are for access to web sites I use and access to systems I maintain. I don't access most of these every day; in some cases it could be more than a year. So I needed to come up with a way to be able to recall a password from memory even though I have a lot of passwords to remember.
So below is how you can do it, too. Follow this guide. It's not complicated (promise) and you will be able to create as many passwords as you'll ever need to remember without having to write any of them down.
Here's how it works …
Pick two words with a minimum of 3 letters
Word 1: gym
Word 2: fan
Tip to make it more complex: Use larger words if you'd like.
Pick a day of the year using leading zeros.
March 25
is 03 25
Tip to make it more complex (for you nerds): Convert your numbers to hexadecimal.
Pick a symbol from this list of symbols: Plus ( + ) Hyphen ( - ) Carat ( ^ ) Tilde ( ~ )
For this we will use Minus ( - )
Note: You can use other symbols. I chose these as they are the most widely accepted in passwords.
So for review we will be working with:
gym fan 03 25 -
Pick which letters of the words chosen to capitalize; Outside, Middle or Inside
Outside looks like this: Gym faN
Middle looks like this: gYm fAn
Inside looks like this: gyM Fan
For this we will use Outside
In reality you just need to choose one letter in each word to capitalize. The reason for outside, middle or inside is to create a pattern which will be easier for you to remember.
Note: If your words are longer than 3 letters then Middle becomes closest to the Outside or Inside
Once you get that part done, you are done creating your pattern. Here are a few examples:
| Word 1 | Symbol | Month | Day | Symbol | Word 2 | |
|---|---|---|---|---|---|---|
| Gym | - | 03 | 25 | - | faN |
The result is: Gym-03 25-faN
| Month | Word 1 | Symbol | Symbol | Word 2 | Day | |
|---|---|---|---|---|---|---|
| 03 | Gym | - | - | faN | faN |
The result is: 03Gym- -faN25
| Word 1 | Month | Symbol | Symbol | Day | Word 2 | |
|---|---|---|---|---|---|---|
| Gym | 03 | - | - | 25 | faN |
The result is: Gym03- -25faN this becomes our password template
You can see I left a space in the middle. This is how you make the password unique for every site you access. You use the site or system name you are accessing to create what goes here. So you only have to remember the pattern you created. What you are accessing provides the final part of your password pattern.
This next (and last) part of the pattern is what makes the password unique. It is based on the first "X" number of characters of the site or service you are accessing. I recommend you use no less than two. In this example we will use the first three. I call these the "unique characters".
So if you were creating a password for Amazon.com
The unique characters are: ama
Then decide which one of the letters you will always capitalize. For this example we will use the middle one.
That changes unique characters to: aMa
Now take those letters and insert them into your pattern. We will use
| Word 1 | Symbol | Month | Unique Letters | Day | Symbol | Word 2 |
|---|---|---|---|---|---|---|
| Gym | - | 03 | aMa | 25 | - | faN |
When you insert the unique characters your password for Amazon.com is
Gym-03aMa25-faN
That password looks complicated enough doesn't it? Lets use this for another couple sites:
Facebook.com - Gym-03fAc25-faN
Microsoft.com - Gym-03mIc25-faN
Twitter.com - Gym-03tWi25-faN
YouTube.com - Gym-03yOu25-faN
Yahoo.com - Gym-03yAh25-faN
So as you can see this allows you to create a long and complex password that makes sense to you but is not easily hacked. If a system you have used this password on is compromised it cannot be directly used on another system and the likelihood that someone would recognize the pattern is minimal.
I gave you three different patterns but you can arrange them different ways. Use something that makes sense to you. The only hard and fast rule is, never use a symbol first. Many systems don't support a password like that.
You can also do other things to make it even more complex.
Change the Month/Day, Words or Symbols for the type of site your accessing. Lets use numbers as an example.
Any regular site: March 25 (03 25)
Any financial site: July 4 (07 04)
So ...
Facebook.com - Gym-03fAc25-faN
Statebank.com - Gym-07fSt04-faN
Use two symbols one for the left and a different one for the right
Facebook.com - Gym+03fAc25-faN
Statebank.com - Gym+03fSt25-faN
You can also use the tried and true method of exchanging a letter for a number or symbol.
A => @
E => 3
I => 1
O => 0
S => $
My point is that you can make this your own so it's easy for you to remember. You don't have to follow what I did as a strict guide. Use whatever helps make it easy for you to remember. The concept is what's important. Its much easier to remember a pattern.
