Twitter   RSS Feed   LinkedIn
« Innovation in RTP Handout | Main | Building Great Software »

Making Secure Passwords

How to make and remember secure passwords that are unique to each site

It’s easy to get overwhelmed with passwords.  Given the proliferation of sites that require you to login, one could easily have a dozen or more passwords to memorize. 

Sure you could always write them on a sticky note on your monitor, or use the same password for multiple sites.  It doesn’t take a security wizard to realize that neither of these are safe approaches to passwords. 

The idea is simple:  Site Based Phrase + Secure Phrase = Secure Password

Site Based Phrase

The first part of the password will be based on the site itself.  By applying a pattern to the name of the site you’ll be able to re-remember the first part of your password each time you need to login.  Let’s illustrate with several patterns using Twitter as an example.

Site:  Twitter

Pattern Site Based Phrase
First four letters of site name Twit
Consonants of site name Twttr
Every other letter Titr


Note that the first letter of the password is intentionally capitalized.  You could vary the patterns above by capitalizing a different letter – second, third, etc.

Secure Phrase

The second part of the password is a secure phrase that you memorize.  We’re going to add symbols and numbers to make it more secure.  Here are some examples based on ACC school names.

Pattern Secure Phrase
Wolfpack:  O to zero, A to @ W0lfp@ck91
Carolina:  A to @, L to one C@ro1ina98

Wake Forest:  A to @, E to three



Yes, this part of the password is harder to memorize.  But you only need one of these phrases.

Combining the Phrases

To get a secure password, combine the site based phrase with your secure phrase.  Here are examples for a few popular sites.

Site Site Based Phrase Secure Phrase Password
Twitter Twit W0lfp@ck91 TwitW0lfp@ck91
Facebook Face W0lfp@ck91 FaceW0lfp@ck91
Gmail Gmai W0lfp@ck91 GmaiW0lfp@ck91



Would the National Security Agency endorse this approach?  Probably not.  It will, however, keep you off the Worst Passwords List and it’s much better than using the same password on multiple sites.