Good Password System

With all the Twitter spam of late, I feel the need to address the composition of a good series of passwords. Use this pattern and example to tailor to your own needs and style.

Requirements

Good passwords need to have a mix of lower case and UpPer cASe letters as well as some number and symbol substitutions. Most systems these days require at least 6 characters. Many common sites require eight characters. Some systems even expect a passphrase instead of just a password. Longer passwords are safer.

It’s safest to shoot for at least 8 characters.¬†Decide how many characters your series of passwords will be.

No matter the system, you need to keep it complex enough to fool a would-be hacker, but simple enough to remember. With a good system in place, even if someone watches you type your password, they won’t likely figure it out. The goal is to have a unique password for each site you visit, but to keep them memorable (and quick) to use.

Three Elements

  1. Code
  2. Date
  3. Site

Element One: Code

Pick a code. This should not be your pet’s name, your mother’s name, your favorite color, or any word that can be easily guessed by anyone who knows you. In fact, it’s best if it’s not a word at all. A great way to pick the main part of your password is to chose a line from a song. Use the first letter of each word of that line. Decide how many characters the code will be.

Element Two: Date

Pick an element of the date (not the year!) to include in your password set. Decide how many characters the date will be.

Element Three: Site

Pick a method for taking some characters from the site’s name.

“Substitution” a.k.a. ” $^65+!+^+!()^ “

note [1]

As a rule, you need to substitute a few characters. Don’t go wild; you can’t even use them all. Just pick a few that make sense to you.

  • !=1 (one)
  • !=i
  • 1 (one) =l (a lowercase L)
  • 2=to
  • @=a
  • 3=e or E
  • 4=a or A
  • 5=s
  • $=s
  • 6=b
  • ^=v
  • ^=A
  • ^=y or Y
  • ^=u or U
  • ^^ (two carats)=W
  • 7=L
  • 8=g
  • &=q
  • (=c
  • )=d
  • () (both parenthesis)=O (a capital O)
  • () (both parenthesis)=o (a lowercase O)
  • () (both parenthesis)=0 (zero)
  • +=t or T

Example

Now that we have our three elements and a substitution set, let’s put it all together!

This example uses 16 characters for every password.

Code

  • 6 characters
  • using the song “Let’s Call the Whole Thing Off”
  • subbing ( for c, capital fourth letter
  • l(tWto

Date

  • 5 characters
  • three letter month, capital middle letter, 2 number day
  • jAn24

Site

  • 5 characters
  • Gmail.com
  • subbing 8 for g, capital second letter, subbing ! for i, subbing 1 (one) for l (lowercase L)
  • 8Ma!1

Password

  • l(tWt0 with jAn24 with 8Ma!1 becomes
  • l(tWt0jAn248Ma!1

Now, this is a bit extreme, but it gives you the idea. More importantly, it teaches you the tools needed to make a simpler version that is easy to remember no matter what site you may visit.

Making the Change

Do not—-I repeat, do NOT—-change a password on Friday before a holiday weekend. There are just too many things about our brains that will have us forget what we did. Instead, start this on a Monday morning.

Start with the most secure sites you have, like online banking and mint.com.

Next, change the sites you use every day for communication: email, Twitter, facebook, etc.

Then, changes other sites that store personal information: online shopping, memberships, etc. It’s a “best practice” of these sites NOT to store your credit card information, but not all of them are up to date. If someone did hack into your account and could see your credit card number (along with the expiration date and CCV number), you’d have a pretty big mess to untangle.

Change one site at a time as you have the need to log into it. If you use a site infrequently, chances are, you don’t have a lot of important data in there.

Go forth with good passwords!

[1] For the record, $^65+!+^+!()^ is a terrible substitution of characters to letters for the word “substitution”. Most passwords will require some letters in both upper and lower case. So, as a reminder, use a few that make the most sense to YOU!