How to create a strong password system

Keeping track of passwords can seem like a hassle. Most of us have multiple sites that we visit that require access codes. So many, in fact, that it’s tempting to use the same username/password combo for all of them. No. Otherwise, it only takes the compromise of a single site’s credentials to have a ripple effect on the security of all your online assets.

Fortunately, there is a fairly simple way to have different passwords for each site you use, but still make the passwords easy enough to remember.

Create unique passwords

Before you start creating strong passwords, you should consider the use of those passwords. The intention is to create strong passwords unique to each account, but easy enough to memorize. To do this, first start by dividing frequently accessed sites into categories. For example, the list of categories can be as follows:

  • social networking sites
  • auction sites
  • e-commerce sites
  • E-mail accounts
  • banking sites
  • forums

A word of note here about the forums. Never use the same password for a site’s forum as you use to log in to the site itself. Generally speaking, the security on the forums is not as strong as it is (or should be) for the regular site and therefore the forum becomes the weakest link in your security. That’s why in the example above, the forums are divided into a separate category.

Now that you have your categories, under each appropriate category, list the sites you should enter. For example, if you have a Hotmail, Gmail, and Yahoo account, list them under the ’email accounts’ category. After completing the list, you are ready to start creating strong, unique and easy-to-remember passwords for each one.

Create strong passwords

A strong password must be 14 characters long. Every character less than that makes it a bit easier to commit. If a site doesn’t allow such a long password, adjust these instructions accordingly.

Using the 14-character password rule, use the first 8 characters as the common part of all passwords, the next 3 to customize by category, and the last 3 to customize by site. So the end result ends up like this:

By following this simple rule, when you change your passwords in the future – which, remember, you should do often – you will only have to change the first 8 common characters of each.

One of the commonly recommended means of remembering a password is to first create a passphrase, modify it to the character limit, and then start swapping characters for symbols. So to do that:

  1. Create an 8-letter passphrase that is easy to remember.

  2. Take the first letter of each word to form the password.

  3. Replace some of the letters in the word with keyboard symbols and capital letters (symbols are better than capital letters).

  4. Click a three-letter abbreviation for the category, also substituting a symbol for one of the letters.

  5. Tap a site-specific three-letter abbreviation, again substituting a single letter for a symbol.

As an example:

  1. In step 1 we can use the password: my favorite uncle was an air force pilot

  2. Using the first letters of each word, we end up with: mfuwaafp

  3. Then we swap some of those characters with symbols and uppercase: Mf{w&A5p

  4. Then we add the category, (i.e. ema for email, and change one character from ema: e#a

  5. Finally, we add the site abbreviation (i.e. gma for gmail) and change one character: gm%

We now have a password for our Gmail account of Mf{w&A5pe#agm%

Now repeat these steps for additional categories and sites within those categories. While this may seem difficult to remember, here’s a tip to keep things simple: Decide ahead of time which symbol will equate to each letter. Be sure to check out these other tips for remembering passwords, or consider using a password manager. You may be surprised to learn that some of the older advice may just be bad advice.