26 June 2013
Passwords are surely the bugbear of modern life. This site wants at least eight mixed alpha/numerical, this one wants four numbers, this one will only allow six characters with no specials. Sigh. Of course, the really annoying thing is not creating these, or even remembering them. It's remembering what the rules were for the site when you return to it. Thankfully, as security is studied and a becomes a measured science, more and more sites are beginning to use the same rules - usually "at least" six or eight characters, with a mix of alpha/numerical and the occasional capital letter, please.
Years ago our ISP assigned us a password. It was just an odd collection of letters and numbers. We created a crazy sentence to try and remember it. If we needed a shorter password, we stopped part way through the sentence. However, the current advice is to regularly change your password, don't use the same password for everything. This is just adding confusion upon confusion.
I think I have worked out a way to at least use a different password for every site and still know what it is. For what it's worth - here's my trick:
Think of a sentence that includes the name of the site. For example (and this is NOT one I've used, so don't bother trying it) - I love Google mostly for wasting time now.
Shorten it to just the initial letters, keeping the capital letters — IlGmfwtn. This is eight letters long. If you're only allowed, say, four letters, just use IlGm.
Substitute numbers for obvious letters (I or O or 'for') - 1lGm4wtn.
For every site, you simply use the same combination of letters and numbers, substituting an appropriate letter/letters for the site name. If you want to write down your passwords, just keep a list of the site and the letter/letters you using. For example:
I love passwords
Google - G
Games Manic - GM
Grinners are Winners - G (6)
Without your coded sentence the list is useless to anyone else. But you can read this as "this is a list of passwords using my "I love" sentence. The Grinners are Winners is s six letter password. All the others are the standard eight letters.