Keep your online accounts safe with an uber-secure password that’s easy to remember
You’ve heard me go on and on about how magical it is to have all your stuff up in the Great Cloud Computer In The Sky – Evernote. Gmail. SugarSync. Delicious. Mesh. But if your user account has a password like your cat’s name, you’re asking to get hacked. And anyone who would hack your account isn’t going to do pleasant things with it.
But I have good news – I have a simple method for creating a password that is really easy for you to remember, and really hard to crack. Follow these simple steps to create your own uber-password that you won’t ever forget.
Step One – Acronym from Song Lyrics
The key to a good password is to use an acronym of a series of words you know and will never forget. A favorite saying would be good, but lyrics to a favorite song are better, because they are easy to look up if you forget them. Use an older song, one that you’ve heard years ago but still remember, not the latest Lady Gaga fluff that you’ll forget in three weeks. Use a song that you can sing as you enter the acronym. If you can sing or think the melody as you type in the song lyrics, then it’s even easier to remember.
An eight character password is the minimum I would recommend, but we can add some extra characters in step two, so anything six words or longer should work fine.
Simply make a direct acronym out of the lyrics. Here’s some examples:
- Every Day Is A Winding Road – ediawr
- Set The Controls For The Heart Of The Sun – stcfthots
- Not Enough Bullets For My Guns- nebfmg
For just a little more work, you’ll get an even better password. Just change the lyrics to suit yourself. Making it personal or funny will help you remember it. For example, the Talking Heads lyrics “I’ve Got A Girlfriend That’s Better Than That” becomes “I’ve Got A Password That’s Better Than That” and the acronym becomes:
- I‘ve Got A Password That’s Better Than That = igaptbtt
Remember, sing out the melody as you type the acronym. The melody combined with the letters will access multiple parts of your brain at the same time, which will help you to remember it.
Step Two – Add Numbers and Punctuation
Adding numbers, upper/lower case characters and punctuation to your password make it much much more secure. One way to do this is with the hacker-speak language L337.
L337 is a cipher created by replacing letters with characters, symbols or punctuation that resemble the original letters. For Example, “L337” itself converts to “LEET” (as in elite) A mirror image of the 3’s become E’s and it isn’t hard to imagine the 7 as a leaning T with one side trimmed off. A’s become 4’s, G’s become 9’s etc… Once you get used to it, you can read L337 text just like it was normal text, but it looks like gibberish to outsiders.
You can convert just a couple of the characters to numbers/punctuation or search “L337 translators” on the net and you’ll find plenty. I found one here: http://www.albinoblacksheep.com/text/leet and here’s what I got when I entered the acronyms from step one:
- ediawr becomes 3Ã14wr
- igaptbtt becomes 194p7b77
Personally, I’d skip any foreign characters, because you’ll have to figure out how to type them in, and some websites might not accept them in a password. Also, you’ll want to get some punctuation in there, so depending on your acronym, a direct translation to L337 might not work for you.
Taking a tip from our L337 friends, let’s hand-pick a couple characters in the acronym to convert. Change some characters to upper/lower case. and/or simply add punctuation somewhere in the password:
- ediawr becomes Edi@wr!! (Capitalize the first letter, change the “a” to an @, and added two exclamation points to the end so the password is now 8 characters long)
- igaptbtt becomes i6&ptbTT# (Change the G to a 6, change the A to an &, last two letters are upper-case, and add a # to the end.)
There are some websites that won’t let you start passwords with a punctuation character, but make sure you get at least one punctuation mark in there someplace. It really makes the password much more secure.
Step Three – Add Salt To Taste
Even the easy passwords we have so far (Edi@wr!! and i6&ptbTT) are pretty good and easy to remember (sing as you type them in!) But we can do better.
Sadly, you should not use a single password for all your logins. You can, but you shouldn’t. If one website gets their client list hacked, or if someone sees you enter your password, you’ll have to think up a new password and change it on every website you used… Ick! It’s far better to use a unique password for every different site/service you use.
I know you’re saying, “But Zero! I just made up the bestest password ev-ar! I can’t make up a new one for every site I visit! I’ll never remember them all….”
Fear not. With just a slight modification, your awesome password will become even more awesome by being unique for every site. Simply add some letters that reference the site or service you are logging into. This is called “salting” your password:
- Edi@wr!! becomes Edi@wr!!del when we log into delicious. Note I added “del” to end of the password for delicious.com
- Edi@wr!!gmail for logging into G-mail.
- Edi@wr!!suck for logging onto your computer at work. I added “suck”, but you could use the first four letters of the company name.
- e-i6&ptbTT! for e-mail. Notice I added “e-” to the start of the password.
You now have a method for creating uber-passwords that are unique for each site you visit – really difficult to crack, and really easy for you to remember.
Disclaimer: DO NOT use the passwords I created in this blog post. Hopefully, I don’t have to tell you why. Make up your own, and then share them in the comments below.
Just kidding. Really. Don’t share your passwords in the comments below. Credit card numbers, sure, but not your passwords.