The best password is totally random(ish), twelve characters long, and contains all four character types (uppercase, lowercase, number, and special character). It is also very important to use a different password for each and every account login you have. This can become VERY cumbersome and painful to track ... It's almost impossible, unless you have a solid method to easily remember literally hundreds of passwords. I have just such a method and will share it with you in this article.
First step is to have the main portion of the password, which will be repeatable in all of your passwords. I like to use a single (first) letter from each word of an easily memorable sentence. For instance, I happen to love the last sentence of the poem "The Road Not Taken" written by: Robert Frost.
"...Two roads diverged in a wood, and I, I took the one less traveled by, and that has made all the difference."
I need nine characters for the first part of my password, so I can pull the first letter from each word of my favorite part of that poem like this:
Converting that to lowercase, I end up with "trdiawaii"; which we can further break up by swapping a few of the letters for uppercase alternatives, numbers, and a special character. Here's a sample of what I mean: "Trd1aw&i1". I capitalized the first letter, changed two of the i's to the number one, and replaced the a (from the word "and") with an ampersand. As you can see, we now have a very nice and complicated password that only I could truly appreciate and know.
These nine characters would become the beginning for ALL of my twelve character passwords. So, the only thing that will differentiate my passwords from each other is the last three characters. And, here's how I do that:
Character ten is a special character. In this example it will be either a $ (dollar sign) or # (pound/hash sign). I select the $ if my password is work related, and the # for personal accounts.
Characters eleven and twelve are made up by the first two letters of the website/company name where I'm logging in. I further mix it up by using a capital first letter and lowercase second one. E.g. If this is a login for my Hotmail account, then the two characters would be "Ho".
The whole password for my Hotmail account would look like this: Trd1aw&i1#Ho
While this password appears totally random, it makes sense to me. On top of that, I can easily remember multiple passwords like this. Here's a few samples using this example:
Hotmail (personal email) = Trd1aw&i1#Ho
Oracle (work email) = Trd1aw&i1$Or
Sun Portal (work collaboration) = Trd1aw&i1$Su
Skateboardforum.com (personal discussion forum) = Trd1aw&i1#Sk
Capital One (personal bank account) = Trd1aw&i1#Ca
Here’s my super-secret formula in one line:
[9 chars for main part] [1 char for the type (work or personal)] [2 chars for the name]
Get it? Try it out!
Please share your password ideas (without giving away any personal pw info) by commenting below!
I hope this article helped to spawn some creative ideas on how you can improve your security!
-Vaughn (wearing his CIO hat)