Personal Technology Tips in Plain English
Super Tip For Creating Safe + Memorable Passwords for Online Accounts
It’s amazing how much of our life is online these days.
We have access to so many critical accounts at the touch of our fingertips — but that also means that they can be at the touch of someone else’s fingertips if you are not careful!
Recently, I had my eBay account password compromised somehow. Even though I am pretty careful about phishing schemes, they got me somehow. So I had to reset my account password and grab control of my account again.
That got me thinking about how many different login’s I have with the same password.
Although I use a couple of different passwords that are pretty unique (not the usual passwords using names, or birthdates or anniversaries, etc), I realized that if one of my important account passwords were discovered, they could semi-easily get into several other accounts if they knew where to try.
Do you have the same online login user id + password combination for multiple websites? Like your bank, PayPal, eBay, Gmail or Y!Mail, etc, etc?
Here’s a great tip for creating unique passwords for each and every site you use in a way where you won’t have to keep using tons of post-it notes to remember them all.
I’ll share one of my own approaches in combination with a added twist that I learned of recently:
- Don’t use names of your family, relatives, pets, etc. Forget using important dates too – like birthdays, anniversaries, graduation dates, etc.
- Pick a PHRASE that is memorable to you such as “It Ain’t Over Till The Fat Lady Sings” or “Four Score And Seven Years Ago” or something else that might be meaningful to you. Bible verses are a great idea or if memory verses are just too hard you can use the scripture reference alone, like “Philippians 4:4“. It would be best if you can find a phrase that has a NUMBER in it or words like TOO, TO, FOR, ATE, etc that can be turned into numbers (think text messaging)
- Use the 1st letter of each word and Capitalize the first or last letter in the string of characters. For example, above, the password strings would become IAOTTFLS and FSASYA. For Bible verse references can become: Phillipians44
- If you have numbers in your phrase, use them — Four Score And Seven Years Ago could finally become 4Sa7ya (notice the two numbers + the “S” was capitalized as the first letter in the string.
- You now have your BASE PASSWORD. We’ll use 4Sa7ya for the rest of this example.
Now here’s the perfect way to make it UNIQUE to each and every site you use, so that if one of them gets compromised, you won’t be at risk regarding all your other online accounts:
Take the first and last letter of the website you’re registering for. For example, PayPal would be “P” and “L“- It’s your choice for capitalization rules, but pick one and stick to it. Either capitalize BOTH, one or the other, or none.
- Pre-pend the base password with the LAST letter and post-pend with the FIRST letter. Our example for PayPal’s password would become L4S7yaP
- Yahoo’s password would be: O4S7yaY
- Chase would be: E4S7yaC
- Gmail would be: L4S7yaG
- eBay would be: Y4S7yaE
- Amazon would be: N4S7yaA
This is one of the best pieces of advice I can pass onto you, especially in these you-can’t-trust-anyone-online days of the new millennium.
Let me know if you like this password scheme or have any other tips or approaches that have worked for you. Leave a comment below!
I love tech, gadgets and the web. Hope you pick-up a useful tip or two here today that helps you use technology to your advantage! Better yet, why not share your own expertise in a comment on a post today to help the other readers that land here for answers!
June 10, 2010 - 5:23 pm
Great post Kenny J. As the expert…I would love to hear your opinion on software or browsers that remember passwords for you. Are these safe? What are the pros and cons of using these?
June 17, 2010 - 5:03 pm
Sure, why not. The big question Chris D, is if your computer is fully in your control, or if it is shared — even within family. For example, as an eBay PowerSeller, there has been countless excuses where the kids or wife (or husband) goes on eBay, logs into an account that is owned by another family member through the use of auto-password-completion features found in Firefox or add-on software. And when the bill comes due, they reneg claiming they didn’t make the purchase, but someone else in their family (a lot of kids) gained access to their account this way (it’s an eye-opening experience for some people not because of eBay access, but some have found their kids gaining access to their bank accounts, etc via the auto-password-completion functions!).
Personally, I don’t recommend it — if you have a password pattern/algorthym that works like this one in the post, you won’t really need to reply upon these. That’s my $0.02 and I’m sticking with it!