« Ad of the Day
Call Before You Dig: 811 »

How to Create Unique Passwords You Will Never Forget

Published by Joseph Ferrara (2) May 5th, 2007 in Password Tip. Comments

password-security.gif

Do you hate trying to remember passwords? Are you so paranoid of hackers that you always create new ones to forget? Here is the easiest way to create and remember your password for any website.

It’s the Password Mashup.

Just pick one master password and mash it with a formula involving the website name. Here’s how it works: Say your core password is KoKo (you know, the chimp who used sign language). You create an account at Google. The password mashup can be KoKoGoo or GooKoko (the formula: using the first 3 letters of the site before or after your master password). Easy. And for added security, wrap the mash-up with a number or one of those strange characters, like the tilde, aka, the swung dash, squiggle, tiddle or Swedish line. It looks like this: ~. I like the tilde because it’s so hard to find on the keyboard. So is this one: |. So your Google password is ~GooKoKo~. At Amazon it’s ~AmaKoKo~. This great tip from the great Lifehacker.

Tip Tips: Some sites do not allow special characters, so have an alternative number wrap. If you come across a site that wants 12 characters, just lengthen the mashup by repeating the last number or character to meet the requirement— 7GooKoKo7777.

The risk, of course, is someone getting one password and breaking your formula code. So you may want to get a formula a little more creative than the first 3 letters of a site. Example: if the website name ends in a consonant, use the 3 letters as a prefix and use an even number wrap. If it ends in a vowel, use 3 letters as a suffix, with an odd number wrap. Or use the first and last letters of the site name. Oh, oh, now I’m confused again.

For a geeky-cool alternative, try Nic Wolff’s Password Composer. Once again, you need only remember one master password. You plug it into the composer to produce a unique password for the site. The password composer bookmarklet can be dragged to your toolbar or downloaded as a Firefox add-on (love that Firefox). There’s some kind of encryption going on involving concatenating two fields and MD5ing.

It works like this:

password-composer1.gif
Google also has a password generator gadget. There’s also Hashapass which uses base64 encoding, whatever that is.

Old school: If you’d rather store all those different passwords try Keepass or Passwordsafe.

Technorati Tags: , , , , ,

Share This Post
  • Thanks for the tip on Clipperz, Marco. We will check it out.
  • Using a password manager is not merely convenient, it’s an effective way to adopt better security practices without too much stress. It basically sums up to: 1) never re-use the same password, 2) use strong passwords.

    But if you are going to use multiple strong and complex passwords you can't remember all of them and you definitely need a password manager.

    Software products like Roboform are certainly an option, but you could also consider a web based solution.
    (i’m a tad biased …)

    Clipperz is an online password manager that can do much more than simply storing your passwords.
    - ubiquitous access
    - direct login to online services
    - offline version (that can be moved to a USB drive)
    - bookmarklet for quick data entry
    - nothing to install or backup
    - …

    It’s free and completely anonymous.

    Clipperz lets you submit confidential information into your browser, but your data are locally encrypted by the browser itself before being uploaded.

    The key for the encryption process is a passphrase known only to you.
    Clipperz simply hosts your sensitive data in encrypted form and could never actually access the data in its plain form.

    For any further information refer to our website:
    http://www.clipperz.com.

    Marco
    Clipperz co-founder
  • Thanks for the tip Brad.
  • Roboform is a good alternative for storing passwords, especially when you combine it with a USB jump drive.

    http://www.roboform.com
  • Thanks Derek. BTW, those transfers from your bank account were not by us :)
  • My password is the entire alphabet backwards. :-)

    I figured that was the best way to put it to memorization in case I ever got pulled over for drinking and driving. But since I done gave up drinking and dipping, I guess I do need to come up with a shorter one.
blog comments powered by Disqus
Blog Widget by LinkWithin