A simple secure password method

Readers know that I am a strong advocate of long, random passwords for web sites, computer logins, and the like. The 1Password app installed on my MacBook Pro, iPad and iPhone is guaranteed to be used every day. I also love LastPass, and I sometimes think it’s a shame that there’s not a practical way to use both.

While I firmly believe that lengthy gibberish passwords and password managers are the way to go, I know that some people are more comfortable with a simpler system. For whatever reason, their brains are just not wired to find LastPass helpful. As a result, they often use the same password for everything—a very dangerous practice.

Fortunately, there is a way for people like this to still use longer, secure passwords. The process is simple, safe, and effective. We know that the best passwords are at least 12 characters in length, use upper and lower case letters, use numbers, and use symbols. They also do not have “dictionary words” in them as a general rule. Using these principles, and bending the rules just a little bit, we can develop a personalized password system that can be used everywhere. Here’s how:

  • First, create a random nine-character password with at least one capital letter and one number. For example, you could have Y8aln7tfg8. Yes, I know, it’s total gibberish and nothing that you will instantly remember. That’s okay. Create your nine-character password and write it down on a piece of paper. Yes, you can do that. You’re not going to put the piece of paper by your computer. Put it in your wallet or purse. You don’t have to worry too much about someone finding it because Y8aln7tfg8 is not your password. It’s merely a part of your password.
  • Second, pick one random symbol. The exclamation point or asterisk is usually accepted by web sites. Don’t write this down. Simply commit it to memory.
  • What you have now is a password base of ten random characters, including capital and lower case letters, numbers, and a symbol.
  • When you need to create a new password for a web site, use your password base (such as Y8aln7tfg8!) and add the web site to it. For example, at Amazon, you could have Y8aln7tfg8!Amazon as your password. At American Express, you could have Y8aln7tfg8!Amex. When you order shoes, you could use Y8aln7tfg8!Zapatos.

So here’s how this works in practice. You have your nine-character random password (Y8aln7tfg8) that you write down on a piece of paper. The more you use it, the easier it will be to start remembering it. At first, you’ll probably have to pull out the piece of paper. Over time you’ll find that you pull the paper out but don’t look at it as much. Before too long, you’ll pull the paper out but won’t even need it. Your random password has been memorized. You also have your symbol character memorized, and you know what you will plug in at the end of the password: the web site name. If you want, eat the piece of paper with the nine-character portion on it. Eating it will make you feel like you’re in a James Bond movie. If eating paper isn’t your thing, burn it or shred it.

The reason this works is that the complete, long password is never written down. A portion of your passwords is written down, but two other key components—the symbol and the site name—are never written down or disclosed to anyone. Plus, as you eventually memorize the first part of the password, you can destroy the paper on which it is written.

What you have done is create an algorithm: a set of rules for creating a password. So long as you always follow the rules, you’re set. It’s also possible for you to go a bit further with your algorithm. For example, you could create an algorithm that starts with the base (Y8aln7tfg8), adds the symbol character (!), adds the site name (Facebook), and ends with another symbol (*). Or, you could decide that you will always capitalize the first and last letters in the site name (AmazoN).
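The rules above can be written out as a short Python sketch. This is an added example, not part of the original article: the function names are made up for illustration, and it assumes the base is drawn with Python's `secrets` module and then checked against the criteria listed earlier (at least 12 characters, upper and lower case letters, numbers, and symbols).

```python
import secrets
import string

def make_base(length=9):
    """Step one: a random base with at least one capital letter and one number."""
    alphabet = string.ascii_letters + string.digits
    while True:
        base = "".join(secrets.choice(alphabet) for _ in range(length))
        if any(c.isupper() for c in base) and any(c.isdigit() for c in base):
            return base

def cap_ends(site):
    """Variant rule: capitalize the first and last letters (Amazon -> AmazoN)."""
    if len(site) < 2:
        return site.upper()
    return site[0].upper() + site[1:-1] + site[-1].upper()

def site_password(base, symbol, site, trailing_symbol="", capitalize_ends=False):
    """Base + memorized symbol + site name, plus the optional variant rules."""
    if capitalize_ends:
        site = cap_ends(site)
    return base + symbol + site + trailing_symbol

def meets_criteria(password):
    """The article's criteria: 12+ characters, upper, lower, number, symbol."""
    return (len(password) >= 12
            and any(c.isupper() for c in password)
            and any(c.islower() for c in password)
            and any(c.isdigit() for c in password)
            and any(c in string.punctuation for c in password))

if __name__ == "__main__":
    base = make_base()  # write this part down; the symbol stays in your head
    for site in ("Amazon", "Amex", "Zapatos"):
        pw = site_password(base, "!", site)
        print(site, len(pw), meets_criteria(pw))
```

The base alone fails `meets_criteria`; it only passes once the memorized symbol and a site name of at least two characters are appended.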

While I still prefer using 1Password and memorizing only one long password, I hope that others will find the method I’ve described helpful. Let me know what you think by leaving a comment, and if you think this article was useful, please share it!
