Wednesday, Mar 14, 2012

Making Secure Passwords

How to make and remember secure passwords that are unique to each site

It’s easy to get overwhelmed with passwords.  Given the proliferation of sites that require you to log in, one could easily have a dozen or more passwords to memorize.

Sure, you could always write them on a sticky note on your monitor, or use the same password for multiple sites.  It doesn’t take a security wizard to realize that neither of these is a safe approach to passwords.

The idea is simple:  Site Based Phrase + Secure Phrase = Secure Password

Site Based Phrase

The first part of the password will be based on the site itself.  By applying a pattern to the name of the site, you’ll be able to recall the first part of your password each time you need to log in.  Let’s illustrate with several patterns using Twitter as an example.

Site:  Twitter

Pattern                          | Site Based Phrase
First four letters of site name  | Twit
Consonants of site name          | Twttr
Every other letter               | Titr

 

Note that the first letter of the password is intentionally capitalized.  You could vary the patterns above by capitalizing a different letter – second, third, etc.

Secure Phrase

The second part of the password is a secure phrase that you memorize.  We’re going to add symbols and numbers to make it more secure.  Here are some examples based on ACC school names.

Pattern                            | Secure Phrase
Wolfpack:  O to zero, A to @       | W0lfp@ck91
Carolina:  A to @, L to one        | C@ro1ina98
Wake Forest:  A to @, E to three   | W@k3Forest05

 

Yes, this part of the password is harder to memorize.  But you only need one of these phrases.

Combining the Phrases

To get a secure password, combine the site based phrase with your secure phrase.  Here are examples for a few popular sites.

Site      | Site Based Phrase | Secure Phrase | Password
Twitter   | Twit              | W0lfp@ck91    | TwitW0lfp@ck91
Facebook  | Face              | W0lfp@ck91    | FaceW0lfp@ck91
Gmail     | Gmai              | W0lfp@ck91    | GmaiW0lfp@ck91
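
The three site patterns and the combining step, written out as an added Python example (not code from the original post) so the rule can be applied to any site name. The function names are assumptions made for this illustration; shared_suffix reports the portion of the resulting passwords that is identical on every site.

```python
import os.path

VOWELS = set("aeiou")

# The three patterns from the table above, keyed by hypothetical names.
PATTERNS = {
    "first_four": lambda name: name[:4],
    "consonants": lambda name: "".join(c for c in name if c.lower() not in VOWELS),
    "every_other": lambda name: name[::2],
}


def site_phrase(site, pattern="first_four"):
    """Derive the site based phrase; only the first letter is capitalized."""
    # Drop spaces, dots and digits so "Wake Forest" or "gmail.com" still work.
    name = "".join(c for c in site if c.isalpha())
    phrase = PATTERNS[pattern](name)
    if not phrase:
        raise ValueError(f"pattern {pattern!r} leaves nothing of {site!r}")
    return phrase[:1].upper() + phrase[1:].lower()


def make_password(site, secure_phrase, pattern="first_four"):
    """Site Based Phrase + Secure Phrase = Password."""
    return site_phrase(site, pattern) + secure_phrase


def shared_suffix(passwords):
    """Return the trailing part that every password in the list has in common."""
    reversed_pw = [p[::-1] for p in passwords]
    return os.path.commonprefix(reversed_pw)[::-1]


if __name__ == "__main__":
    secure = "W0lfp@ck91"  # secure phrase taken from the examples above
    sites = ["Twitter", "Facebook", "Gmail"]
    for pattern in PATTERNS:
        row = [make_password(s, secure, pattern) for s in sites]
        print(f"{pattern:12} {row}")
    passwords = [make_password(s, secure) for s in sites]
    # Everything after the site based phrase is the same on every site.
    print("shared across sites:", shared_suffix(passwords))
```
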

 

Conclusion

Would the National Security Agency endorse this approach?  Probably not.  It will, however, keep you off the Worst Passwords List and it’s much better than using the same password on multiple sites.