About two years ago I wrote about the updated rules of password creation but I still receive questions about creating passwords all the time. Most recently from Jim.
“I would like to know if you have any helpful hints or info on how to make a safe password and most importantly how to remember it. I have too many passwords to remember between work and home.”
So once again we will explore creating extremely hard but easy to remember passwords, with updates from my article from about two years ago.
Yes, I can help you with that. As a matter of fact, I teach it in my "Safety for Seniors" course. So here is my "solution". This looks long but it is really easy to use and remember once you start.
First, here are the basic new rules you should use for a secure password. Notice that they are not what you were taught over the past 20 years. However, they are suggested by the original author of the “old” way.
They should be based on obscure, unexplainable lengthy phrases that are totally random. They should contain the following; 12 characters or more along with capitalization, numbers, symbols and even spaces if allowed. And the final main change is that you should not change your password every 90 days as we were previously advised. As a matter-of-fact, never change it unless you find out you are compromised.
Here is my suggestion for hard but easy to remember password creation. Make up a senseless phrase that you can remember, like this one I just did, "Bees 4 Ireland hope Apples!" Since many sites do not allow spaces, remove the spaces which would result in, "Bees4IrelandhopeApples!"
Then each site should be different. I suggest taking the first 3 or 4 letters of the site and the last 3 or 4 letters of the site (if there are that many) and break them there. Add the first half to the front of your silly phrase and the last to the end. So my Amazon password would be, “AmaBees4IrelandhopeApples!zon” followed up for one for my Gmail account as, “GmaBees4IrelandhopeApples!il.”
To really complicate your password for security purposes add your birth year in there somewhere like this, “19GmaBees4IrelandhopeApples!il54.”
It really is easy once you start using it. All you really need to remember is the silly phrase and know the site you are logging into. No more problems.
Of course, that is my idea, I hope it helps you out. I have used this system for years and have never been hacked. I even have a couple of stupid phrases that I use randomly. That makes it a little harder for me but it works.
You may see a better password creation rule somewhere if so let me know. By-the-way, did you realize the last one created above has 32 characters? I also checked a site that tells you how long it would take to crack your password. That one would take two tredecillion years. That would be a 2 followed by 42 zero years. That seems fairly safe to me.