Picking Good Passwords You’ll Actually Remember

Last weekend, I had a lot of online shopping to do!

I started clicking away, filling up my shopping cart, hit checkout and…declined?

“What?” I thought to myself. I just got paid! So, in complete meltdown mode I logged into my bank account and at the top of the transaction list I spotted several pending charges, including one for $1,400 to walmart.com. My card number had been stolen and my bank account was compromised.

I always thought I did everything possible to prevent being the subject of an account hack or identity theft situation. I had a six-letter password, shredded all my bills and never gave up personal information on the phone. But then I read this on Stopthehacker.com: “It takes only 10 minutes to crack a lowercase password that is 6 characters long. Add two extra letters and a few uppercase letters and that number jumps to 3 years. Add just one more character and some numbers and symbols and it will take 44,530 years to crack”. And just that easily I had become the most recent victim of the 73 percent of Americans who have fallen victim to cybercrime.

With so many online accounts and several passwords to remember, no wonder I, like so many others, had fallen victim to a “too simple” password. In fact, the average Internet user has 6.5 passwords and 25 online accounts, some of which require a new password every three months.

So, I began looking around for tips on how to pick—and remember—strong passwords.

Picking a good password is easy once you create good criteria to follow. So, I decided to compile a list of Do’s and Don’ts for good, memorable password development.

How To Pick A Good Password You Can Actually Remember

DO: Pick a password scheme you can vary, so that a new password is easy to remember when you are required to choose one. An example would be a person-action-object phrase that can be varied by changing the person’s name (e.g. “PatCooks$paghetti” or “JohnEatsP0tat0es”).

DON’T: Reuse old passwords if possible. If you do, wait for at least a year.

DO: Create a variation of your password for different sites so you have a different password but don’t need to write it down to remember it.

DON’T: Use the same password for multiple accounts, which could lead to all your accounts being hacked if a single account is compromised.

DO: Choose a password you can remember without writing it down (but if you do write it down, keep it secure and far from your computer).

DON’T: Include personal information in your password such as a birth date, social security number or address.

DO: Select a password that uses a variety of numbers, symbols, upper case and lower case characters.

DON’T: Use keyboard patterns or sequential numbers like “QWERTY” or “123456”.

DO: Make up a phonetic, not dictionary, password that is a variation of a word or words, made up with a combination of numbers and letters, like “Gr8_cLRK”.

DON’T: Select “dictionary” words.

DO: Try to use a variety of different letters and numbers.

DON’T: Use repetitive letters or numbers like “ZZZ111”.

DO: Create an acronym from a phrase to help you remember your password.

DON’T: Use predictable acronyms or phrases like “TRUSTNO1”.

DO: Change up your password by starting with a number or lower case character, using numbers other than 1 and 2, eliminating vowels, and keeping the password void of personal information.

DON’T: Be predictable by using vowels, the numbers 1 or 2 at the end, a capital at the beginning of a password, or personal names or hobbies.

DO: Keep your password to more than eight characters.

DON’T: Make a password so long a site requires you to choose a shorter password (usually 10-12 characters).
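
The Don’ts above that can be checked mechanically, written as a small Python checker. This is an added example, not part of the original post; the function names, the short word lists and the four-digit sequence threshold are assumptions made for illustration.

```python
import re

# Constructed sample lists (assumption); a real check would use far larger ones.
KEYBOARD_RUNS = ("qwerty", "asdfgh", "zxcvbn")
PREDICTABLE = ("trustno1", "password", "letmein")

def has_sequence(pw, run=4):
    """True if pw contains `run` consecutive ascending digits, e.g. 1234."""
    digits = "01234567890"
    return any(digits[i:i + run] in pw for i in range(len(digits) - run + 1))

def check_password(pw, personal=()):
    """Return the rules from the Do's and Don'ts list that pw breaks."""
    low = pw.lower()
    problems = []
    if len(pw) <= 8:
        problems.append("length: use more than eight characters")
    classes = [r"[a-z]", r"[A-Z]", r"[0-9]", r"[^a-zA-Z0-9]"]
    if not all(re.search(c, pw) for c in classes):
        problems.append("variety: mix upper case, lower case, numbers, symbols")
    if any(k in low for k in KEYBOARD_RUNS) or has_sequence(pw):
        problems.append("pattern: keyboard pattern or sequential numbers")
    if re.search(r"(.)\1\1", low):
        problems.append("repetition: repeated letters or numbers")
    if any(p in low for p in PREDICTABLE):
        problems.append("predictable: well-known phrase or acronym")
    if pw[:1].isupper():
        problems.append("predictable: capital at the beginning")
    if pw[-1:] in ("1", "2"):
        problems.append("predictable: 1 or 2 at the end")
    # `personal` holds strings the user supplies (birth year, street name, ...).
    if any(p and p.lower() in low for p in personal):
        problems.append("personal: contains personal information")
    return problems

if __name__ == "__main__":
    # The post's own "DON'T" examples, plus one constructed password.
    for sample in ("QWERTY", "123456", "ZZZ111", "TRUSTNO1", "7bl%kRvn&9tq"):
        print(sample, "->", check_password(sample) or "no rule broken")
```

An empty list only means none of these particular rules was broken; it does not measure how hard the password is to guess.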

Once you find a great system for password creation, it’s worth its weight in gold. Ok, maybe not gold, but for me, at least $1,400.
