If you’re like the average web user, why do you use the same password for every website and social network you frequent? Aren’t you concerned that someone could guess it?
I used to do that. For the longest time, I used the same password for my email account as I had on Facebook, MySpace, Classmates, LinkedIn, Twitter, Digg, Del.icio.us, Craigslist, eBay, and every other website that required a username and password combination for access.
No longer.
Fast forward to earlier this summer when I realized that all it took was someone to hack one account to break into all of my accounts. You can read more about passwords and the do’s and don’ts of password creation at Microsoft, Symantec, and McAfee, among other sources.
I needed to change my bad ways and created a new password for every site that required one. I devised a mnemonics system to instantly remember the password without writing it down.
Here’s one way you could do what I did:
- Without using anything found in a dictionary or the result of a Google search, create a series of letters and numbers that holds meaning to you and nobody else, and that you can remember.
- Choose a 7-character nonsensical word, complete with both uppercase and lowercase letters and numbers.
- When you visit a new website that requires a password, type the 7 characters, preceded and succeeded by other letters and numbers, depending on the site.
- For instance, if your base password is Qweras6, then…
  - Your password on Words.com is: wQweras6ds5
  - Your password on Torgs.com is: tQweras6gs5
  - Your password on Billboards.com is: bQweras6ds10
  - Your password on Froggy.com is: fQweras6gy6
If you look at the base and at the combination of letters and numbers on both sides of the base, there is a system which you could easily memorize. Can you decipher it?
Do not use that system!
My system is totally different, but the above gives you a near fool-proof way of having a unique password for every website without fear of it being hacked.
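The pattern behind the four sample passwords above, written out as an added example (not the author's code, and not his real system): the site name's first letter, the base, the name's last two letters, then the name's length. The `audit` function is a self-check of how many characters of each password are actually site-specific; the function names and the bare-domain input format are assumptions.

```python
from functools import reduce

BASE = "Qweras6"  # the sample base from the post, not a real password
SITES = ["Words.com", "Torgs.com", "Billboards.com", "Froggy.com"]


def site_password(base, domain):
    """First letter of the site name + base + last two letters + name length."""
    name = domain.split(".")[0].lower()  # assumes a bare domain like "Words.com"
    if len(name) < 2:
        raise ValueError("site name too short for this pattern")
    return f"{name[0]}{base}{name[-2:]}{len(name)}"


def shared_core(a, b):
    """Longest substring common to a and b (dynamic programming)."""
    best_len, best_end = 0, 0
    prev = [0] * (len(b) + 1)
    for i in range(1, len(a) + 1):
        cur = [0] * (len(b) + 1)
        for j in range(1, len(b) + 1):
            if a[i - 1] == b[j - 1]:
                cur[j] = prev[j - 1] + 1
                if cur[j] > best_len:
                    best_len, best_end = cur[j], i
        prev = cur
    return a[best_end - best_len:best_end]


def audit(passwords):
    """Return (core shared by all passwords, {site: chars outside the core})."""
    core = reduce(shared_core, passwords.values())
    return core, {site: len(pw) - len(core) for site, pw in passwords.items()}


if __name__ == "__main__":
    derived = {d: site_password(BASE, d) for d in SITES}
    core, unique = audit(derived)
    for site, pw in derived.items():
        print(f"{site:15} {pw:13} site-specific characters: {unique[site]}")
    print("shared by every password:", core)
```

Run on your own scheme's output, the per-site counts show how much of each password would still be unknown to someone who had seen one of the others.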
Do you have other tips for password security? If you currently use one password for all sites, will you now consider changing your ways like I did?
Thanks to David Bradley @ Sciencetext for inspiration.
Ari Herzog is an online media strategist and Newburyport City Councilor-Elect.
{ 12 comments }
Thanks for taking that password idea to its logical conclusion. If you’re of a scientific bent and want a more mnemonical way to create the pseudo-random string then check out my passwords for scientists idea.
That’s smart. A lot cleaner than my system.
Using different passwords isn’t that difficult when you use FF’s “remember” feature PLUS the master password feature.
The Master pw feature is required before a pw is autofilled. So you really only need to remember one. For backup I take a screenshot of my FF pw list.
David: That’s a neat idea to use drug compounds or star galaxies as passwords. I presume that would be the “base” in terms of creating new passwords for every site?
Anon 9.19: Glad I could help. What is your current system?
Linda: Firefox or any other browser certainly offers password memorization tools, but in the age of virtual computing, what do you do if you’re not at your home computer and need to access something? You don’t want to carry a piece of paper in your purse.
Linda,
Depending upon “Remember your password” is not a good option. Your dependence upon the computer not only confines you to one computer as Ari points out, but also makes you vulnerable if anything happens to that computer (crash, fire, theft).