On Passwords

Dear readers, it has come to my attention that not everybody uses secure passwords. As a reformed nerd, it horrifies me to no end that people would simply not care about password strength. A lot of people think it's too hard to make a strong password that's still memorable. However, using some simple memory tricks you can make it a lot easier. The following are my personal tips and tricks for making better passwords for the everyday user.

1. Take advantage of phrases you already have memorized. For me, song lyrics are the best password forging raw material because they're so easy to remember. Before you even think about symbols and numbers, find a phrase that you can remember and type quickly. Your goal is to have a long phrase that it impossible for a computer to guess.
2. Come up with a format, and stick with it. If you have a hard time remembering where your numbers and symbols go, come up with a consistent format so that every time you create a new password, it follows the same basic rules as the last. For example, decide whether the numbers go in front of the phrase, or behind, or both. Also, try separating numbers and phrases with symbols.
3. Make your passwords unique for each website by using part of the name of the website in your password. Avoid password reuse by identifying at the end of your password which website you're logging into. This also adds complexity without being hard to remember.
4. Before changing your password, practice it. No, seriously practice it. Open notepad and type your new password over and over again to make sure that it feels good under your fingers, because you'll be trying it a lot. This is where memorization happens the best. 

Remember the basics of password security: Don't reuse the same password more than once, make it long, use a variety of symbols, numbers and capitalization, and change it regularly.  Using these tips, you'll have a password that is easy to remember, and fits these criteria. Being easy to remember makes it a lot easier to change passwords, as well. Don't forget, howsecureismypassword.net still exists and is still incredibly useful.

I could write an entire book about why password security is important, and I may dive deeper into this idea in a later post. The point is, treat passwords like the keys to your life. If you don't want people messing with how the world sees you on your public profiles, take passwords seriously. Using a weak password may be easier to remember but it wastes time in the long run when you have to clean up a hacker's mess all over your accounts. Don't leave it to chance, and certainly don't just hope nobody will try to hack you. The best way to defend your online accounts is to act like they're already under attack.