An Easy Way to Create Secure, Unique Passwords
These days you need a password for just about everything. It’s hard to keep track of dozens of different passwords, but it’s extremely unsafe to use the same password everywhere. Even reputable websites are sometimes hacked, which can reveal your email address and password. This can spell disaster, as it does for thousands of people every day.
Have you ever received Twitter spam from someone’s account? They were probably hacked, and they may not even know it. Re-using the same password can turn a small embarrassment into a major crisis, especially if you use the password on work-related platforms. Unfortunately, some 60% of us re-use the same passwords over and over.
Here’s a simple way to use unique passwords on each of the websites you use, without making it hard to keep track of them.
Side note: There are great programs like 1Password that can help you manage passwords. In a school environment, though, you may not be able to use tools like this, so the method I describe below should be helpful.
Create an Algorithm
If you panicked when you saw the word “algorithm,” take a deep breath. An algorithm is just a rule you can follow to create passwords.
Your algorithm should contain two things – first, a common string consisting of:
- Lower- and upper-case letters
- At least one number
- At least one of the following: !, @, #, $, %, ^, (, ), or -
(It’s a myth that passwords containing upper-case letters, symbols, and numbers are stronger, but a lot of websites require that you use them, so it’s best to make your algorithm use at least one of each.)
Second, each password needs to contain something unique based on the website it’s for. Because the unique part is based on the particular website, you can always derive it easily.
For example (don’t use this one), you could use the first four letters of the domain name, then your common string. So, if your common string is &7Rook, your Amazon.com password would be amaz&7Rook.
Now, it would probably be pretty easy to guess this algorithm if someone got hold of one of your passwords (since “amaz” is obviously part of “amazon”), so you’ll want to use something a little less obvious, but still based on the website.
You could use another part of the address or company name, or spell it backwards, or use the keys adjacent to the obvious ones. For instance, “amaz” could become “szsx” if your rule is to shift one key to the right on the keyboard (wrapping back to the beginning of the row as needed). Again, this is just an example – don’t use it.
Another example: the last two letters of the domain name, followed by your common string, plus the first letter of the domain name. Using the Amazon.com example, your password would be on&7Rooka.
The trick is to come up with something that would be hard for someone else to figure out, but very easy for you to use once you establish a habit.
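The three example rules above, written out as an added Python illustration (not part of the original article), with a check that reports whether a readable piece of the site name still shows in the result. The function names are hypothetical; the common string &7Rook and Amazon.com are the article's own samples.

```python
# Added illustration; the function names are hypothetical, the rules and
# the sample common string "&7Rook" are the article's own examples.
ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm")  # QWERTY letter rows

def shift_right(text):
    """Replace each letter with the key to its right, wrapping to the start of the row."""
    out = []
    for ch in text.lower():
        for row in ROWS:
            if ch in row:
                out.append(row[(row.index(ch) + 1) % len(row)])
                break
        else:
            out.append(ch)  # digits and symbols pass through unchanged
    return "".join(out)

def site_name(domain):
    """'Amazon.com' -> 'amazon' (the label before the first dot)."""
    return domain.lower().split(".")[0]

def rule_prefix(domain, common):
    """First four letters of the site name, then the common string."""
    return site_name(domain)[:4] + common

def rule_shifted(domain, common):
    """Same as rule_prefix, but with the four letters shifted one key right."""
    return shift_right(site_name(domain)[:4]) + common

def rule_ends(domain, common):
    """Last two letters, the common string, then the first letter."""
    name = site_name(domain)
    return name[-2:] + common + name[0]

def visible_site_fragment(password, domain, min_len=3):
    """Return the longest piece of the site name (forwards or backwards) found
    in the password, or '' if no piece of at least min_len characters appears."""
    name, pw = site_name(domain), password.lower()
    best = ""
    for cand in (name, name[::-1]):
        for i in range(len(cand)):
            for j in range(i + max(min_len, len(best) + 1), len(cand) + 1):
                if cand[i:j] in pw:
                    best = cand[i:j]
    return best
```

An empty result from the check only means the site name is not readable at a glance; the rule itself is still the same for every site.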
Your overall password should be at least 7 characters long. Short passwords are easy to crack, no matter how many upper-case letters they have, and most websites require at least 6 characters.
If you do this, you’ll end up with pretty good, easy-to-remember passwords that will meet the requirements of most websites.
One final tip: Your email account password should never be re-used on any other service, because if someone gets into your email account, they can just about ruin your life. Make your email password extremely strong, totally unique, and if you can, use two-factor authentication.