Cross-posted from my tech blog. Hopefully you’ll find this helpful.
So last night I was sleeping peacefully when my iPhone and Nexus 7 lit up the bedroom like a beacon in the dreamscape. Startled by this (it’s almost as bad as the phone ringing in the middle of the night), I jumped up, wide awake, to see what the urgent message was about.
The message was something to the effect of, ‘Someone tried to get into your Facebook account and we’ve locked it.’ Since the account was locked, I knew it could wait until morning, so I went back to sleep. Kudos to Facebook for being proactive with my account security.
So what I needed to do this morning was change my passwords on my accounts. I was due for a password change anyways (I try to do it once a quarter or so), so I thought I would share my little password generation method with the masses in hopes that you’ll find it helpful.
We all know that passwords are a pain in the butt. They need to be something that you’ll remember, but they can’t be something that will be easily guessed. The days of using “password” as your password should be long, long gone. However, I do use a password that can be easily remembered. I start out with a phrase or word that is meaningful to me. For example, on my wedding day, I made a promise to my husband, so I’ll start with that word:
promised
One thing that you should always do is use a mixture of both lower- and uppercase letters in your password, so let’s change the first letter to an uppercase letter.
Promised
It’s still a pretty simple word to guess, right? The second step in my password generation is adding an adjective or an emotion to the word. Not only does it make the password harder to crack because you’re changing the password to a phrase, it also makes it easier to remember. My promise to my husband makes me happy, so I’ll add a word that indicates this.
Promisedyay!
The exclamation point at the end drives the point home and makes the password even more secure.
The next thing we want to do is we want to change the vowels to symbols that look like their alphabetic counterparts. This is a loose interpretation of leet speak and it adds another layer of security to your passphrase.
Pr0m1s3dy@y!
The last thing I do is add an indicator as to what service this password is going to be used on. Now some people might find this odd, but this gives me the ability to use the same password or phrase on all my accounts but still have unique passwords for each. I am going to use this password for my Facebook account, so let’s add that to the mix.
Pr0m1s3dy@y!FB
One approach to this might be if Facebook is the first thing you go to in the morning, put the FB at the beginning. If you have a Twitter account that you tend to go to after you go to Facebook, you could put that at the end, so you’d have
FBPr0m1s3dy@y!
Pr0m1s3dy@y!TW
Your password still has meaning to you, but is much more secure because you’ve added these different layers of customization and security to it.
Happy surfing and feel confident knowing that you’re surfing safely!
I use a very similar method of password generation. Especially with the latter portion. That way I can have a root password that just has a different ending depending on what site I’m on.
I’ve used this method for quite a while and it works well for me. I’ve tried using programs such as 1Password but they don’t engage me enough or, conversely, I find them too intrusive, especially in Safari.
Same here. I use a program/app called DataVault to store all my info in, but I don’t use it via the web browser. It’s just a utility that I can keep passwords and other info in.