Secure Memorable Passwords

We all tend to have lots of internet passwords these days. Some of the security advice given includes:

  1. Make your passwords strong with a good variety of different character types.
  2. Do not use the same password across multiple sites.

Whilst these are good guidelines, it is all too easy to disregard these considerations simply to be able to remember one’s own passwords. What is the answer? I’d like to briefly share my own experience and a solution that I have come up with that has proved really helpful.

It is worth mentioning briefly that password managers can be very useful. Personally I use RoboForm, which, although paid for, I find to be very good. For a modest annual subscription you can securely sync all your passwords across an unlimited number of devices. There are alternative programs available, probably both free and paid for.

I’m not going to describe my method of creating passwords in exact detail, as it might compromise my own security! I will however describe in broad principle how the idea works. The first thing is to think of a memorable number several digits long – maybe a phone number or a date of birth, but avoid using your own. I’ve got a few such numbers so that there is scope for changing a particular password if the need arises. Then take three letters from the name of the given web site, according to a predefined rule that you have devised. These could just be the first three letters of the name or you could devise a slightly more complicated rule. Then mix the three letters with your memorable number according to another predefined rule. You then have what looks like a random password, but to you yourself is fully predictable. For extra password strength, you can consider things like making one of the letters uppercase and/or adding a non-alphanumeric character somewhere in the password.
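
A sketch of the scheme described above, as an added example that is not the author's actual method: the letter rule (first three letters), the mixing rule (one letter after each pair of digits), the uppercase choice, the symbol and the sample number are all assumptions. `fixed_part` shows which characters of the result stay the same from one site to the next.

```python
import string

def site_letters(name: str, count: int = 3) -> str:
    """Letter rule (assumed): the first `count` ASCII letters of the site name."""
    letters = [c for c in name.lower() if c in string.ascii_lowercase]
    if len(letters) < count:
        raise ValueError(f"{name!r} has fewer than {count} letters")
    return "".join(letters[:count])

def derive(name: str, number: str, symbol: str = "!") -> str:
    """Mixing rule (assumed): one site letter after each pair of digits,
    first letter uppercased, one symbol appended."""
    if not (number.isascii() and number.isdigit()):
        raise ValueError("memorable number must contain digits only")
    letters = list(site_letters(name).capitalize())
    out = []
    for i in range(0, len(number), 2):
        out.append(number[i:i + 2])
        if letters:
            out.append(letters.pop(0))
    out.extend(letters)  # short number: leftover letters go at the end
    return "".join(out) + symbol

def fixed_part(a: str, b: str) -> str:
    """Mask the characters that differ between two derived passwords,
    leaving the part that is identical on every site."""
    if len(a) != len(b):
        raise ValueError("passwords differ in length")
    return "".join(x if x == y else "_" for x, y in zip(a, b))

if __name__ == "__main__":
    number = "19071969"  # constructed sample, not a real date of birth
    first = derive("amazon", number)
    second = derive("github", number)
    print(first, second, fixed_part(first, second))
```

With these assumed rules only three of the twelve characters depend on the site, which is why the post suggests keeping several memorable numbers and devising a less obvious rule of your own.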