Tuesday, 31 July 2012

Choosing a Password - Your personal password algorithm

How to choose a password for everything

So a website is looking for a password with numbers and characters? How do you choose without forgetting it two minutes later? 

The problem with choosing passwords is that experts always tell you to choose different passwords for different sites and to never write them down. How on earth can you remember all those passwords and not forget them? Well, most people don't; they take the easy way out and use the same password for everything. BAD IDEA. Have a look below, and if you use any of these, shame on you.

Is your password on the list?


  1. password
  2. 123456
  3. 12345678
  4. 1234
  5. qwerty
  6. 12345
  7. dragon
  8. pussy
  9. baseball
  10. football
  11. letmein
  12. monkey
  13. 696969
  14. abc123
  15. mustang
  16. michael
  17. shadow
  18. master
  19. jennifer
  20. 111111
  21. 2000
  22. jordan
  23. superman
  24. harley
  25. 1234567

The tech solution

Some people use password wallets or automatic password generators that use a random string for each site and encrypt that list on your computer. The list can then be accessed with a master password. This is great, but what if you want to access your sites away from your computer, or if your computer succumbs to a terminal case of FUBAR...

Here's how - your own personal password algorithm

It's an easy concept and one that you can use to have different passwords for all your internet services and hangouts. It's just one way and you can easily create your own or use a variation on the theme.

Step 1.

Choose a simple saying or sentence. That sounds simple but it is the most important step in this exercise. 

DO NOT:
  • Choose a sentence a friend or acquaintance can guess, e.g. I live in California
  • Include your username or name in the sentence, e.g. My name is Bob
  • Choose a quote or easily guessed term, e.g. One small step for man

DO:
  • If you are allowed, include a capital letter, e.g. The Seine runs through Paris
  • Use numbers that also make sense in the sentence, e.g. I just lost 10 dollars
  • Again, if allowed, include a punctuation symbol and add numbers, e.g. I just lost $10 at the casino

Let's combine our rules, follow our own suggestions and come up with a sentence:

"I just lost $10 at the Bellagio"

Step 2.

Customise the sentence to suit your own needs. In my case some of my sites don't accept spaces so I'll remove them. So now our password looks like this:

"Ijustlost$10attheBellagio"

Now this is a password that is 25 characters long and is both easy to type and easy to remember. It is also extremely difficult to crack for anyone guessing or using a dictionary attack on your password.

Step 3.

Now to make your password different for every site and also easy to remember. This bit is crucial and it is vital to come up with something that works for you.  

Let's say we want to use our password for Gmail, Reddit and Twitter.

We could alter the password by adding the site name to the password like so:

"Ijustlost$10atGmail"


BAD IDEA. If someone found out your password for Gmail they can easily guess your Reddit and Twitter passwords too.

So we have to come up with another method that makes each one unique and still easy to remember. One way is to alter the numeric amount according to each site. For example, because Gmail begins with a G and G is the seventh letter of the alphabet, we could have:

Gmail -> "Ijustlost$7attheBellagio"

Reddit -> "Ijustlost$18attheBellagio"

Twitter -> "Ijustlost$20attheBellagio"


This could work, but again somebody might discover one of your passwords and figure out your method, so to make it a little more complex we add in a second variable. Let's add in the number of letters in the site name.

Gmail -> "Ijustlost$75attheBellagio"

Reddit -> "Ijustlost$186attheBellagio"

Twitter -> "Ijustlost$207attheBellagio"


As you can see, by adding in more variables you can make the password more secure. At this point I'll leave it up to your paranoia as to how secure you want to make your password. Some suggestions:

  • Divide your sites into categories (Social Media, Email, Shopping, Banking) and have a different phrase for each category.
  • Make the phrase or sentence grammatically incorrect on purpose, e.g. "I ate an banana"
  • Make sure you can type it quickly by touch so that if anyone ever looked over your shoulder they wouldn't be able to make it out.
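
The Step 3 rule above, written out as an added example (not code from the original post): it reproduces the three passwords shown and checks a list of your own sites for names the rule maps to the same password. The function names, the sample site list and the choice to count only letters are assumptions made for illustration.

```python
from collections import defaultdict

# Phrase from the post; {n} marks where the per-site number goes.
TEMPLATE = "Ijustlost${n}attheBellagio"

# Constructed sample list of sites, for illustration only.
SAMPLE_SITES = ["Gmail", "Reddit", "Twitter", "Google", "GitHub"]


def site_number(site: str) -> str:
    """Alphabet position of the first letter, then the count of letters."""
    name = site.strip()
    first = name[:1]
    if not (first.isascii() and first.isalpha()):
        raise ValueError(f"rule needs a name starting with A-Z: {site!r}")
    position = ord(first.upper()) - ord("A") + 1      # G -> 7, R -> 18, T -> 20
    letters = sum(ch.isalpha() for ch in name)        # assumption: digits, dots not counted
    return f"{position}{letters}"


def site_password(site: str) -> str:
    """Fill the per-site number into the phrase."""
    return TEMPLATE.format(n=site_number(site))


def collisions(sites):
    """Return {number: [sites]} for every number shared by more than one site."""
    groups = defaultdict(list)
    for site in sites:
        groups[site_number(site)].append(site)
    return {n: names for n, names in groups.items() if len(names) > 1}


if __name__ == "__main__":
    for site in SAMPLE_SITES:
        print(f"{site:8} -> {site_password(site)}")
    # Same first letter and same length means the same password on both sites.
    for n, names in collisions(SAMPLE_SITES).items():
        print(f"${n} is shared by: {', '.join(names)}")
```

Two sites with the same first letter and the same number of letters end up with an identical password, so a repeat in the output is the cue to add another variable for those sites.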
