I’ve seen a lot of questions come in to Worldstart that begin “I lost my password for…” and usually end with a request for an easy way to get that password. Nine times out of ten, there is no easy way. Passwords are designed to be difficult to break, so that only the right person (or a person determined enough) can access it. Zod knows that I’ve forgotten my share of passwords in my time.
And this becomes more difficult as every program, website and card seems to require its own password. Also, within the last six months, password requirements seems to have increased from a six-character string to an eight-character string. It’s enough to make a guy want to tear his hair out!
So let’s take a second to look at passwords and how to make and remember them. Ideally, a password should be, as one website that I set up a membership on said, “a random string of eight to sixteen characters that will be easy for you to remember”. I’m not entirely sure how ANY random string is supposed to be easy to remember. One way to make a password LOOK random, though, is to place numbers, capital letters or symbols into the password. For instance, a completely lousy password that many non-computer people use as their password for just about anything is “password”. Trust me – this is the first thing that any hacker or hacking program tries. A NON-lousy version of the same thing that would be just as easy to remember is “Pa$$w0rd”. At a glance, this looks like a random string of letters and symbols, but the person who placed that as their password will know the key. You could also replace some of the letters with numbers, such as “Pa55w0rd”.
Another trick, if you just want an alphabetical password, is what’s called “character shift”. This means that, instead of using the letter, you use the key directly to its right. You can’t use left, because there are no characters on the keys directly to the left of the q, a and z buttons. By doing this you also wind up with some characters in your password if it contains p, l or m. So, using this method, “password” becomes “{sddeptf” (one thing that I will tell you about my password method is that I always capitalize the first letter).
When it comes to adding numbers to your passwords, pick a date that is significant to you and use that. For instance, my son’s birthday (very significant to me) is 7/29/89. So, for instance, if I were to use that as my significant date, and wanted to use both letters and numbers in a password, I might use the first three letters of my name and my son’s birthday, Ran072989.
One thing that you DON’T want to do, however, is to use the same password for everything. If you do that, then once someone figures out one password, they know all of them. So you would have to figure out a system by which you could create unique passwords as needed from this formula.
Another thing that plagues people is remembering PIN numbers.
I have less cards than most people, one credit and two debit that I routinely use, and I had trouble keeping the three four-digit numbers straight. And DO NOT use things like your birth year or the year that you were married for something like this.
My suggestion for PIN numbers that are easy to remember but hard to guess is to use a four-digit string from the front of your card as your PIN. I know people that use the first four digits, but this is the easiest to guess. I would recommend coming up with some way to come up with a starting number between one and sixteen that’s easy for you to remember, then you have your password for all of your cards. For instance, if you were born in May, you might start all of your strings at the fifth digit. And you could make it even tougher for crooks to crack by only using even or odd digits in your PIN after that fifth digit. So, for instance, if yours were the card pictured above, and you were born in May, you could use 5678, 5797 or 6886.
Failing all of this, you could just keep all of your passwords and PINs written down in a pocket-sized notebook. But if you’re going to use this method, be sure to keep the notebook separate from your computer and your wallet.
Hope that this helps.
~Randal Schaffer
Why bother so much…just use lastpass or roboform (google it) and these programs will do this and much much more amazing things for you.
Tchau
Sorry, I don’t agree with a couple of your suggestions. Simple translitterations like “Pa$$w0rd” and “Pa55w0rd” are too obvious. They will be in every hacker’s rainbow table.
The letter shift is better, as long as you don’t use a common dictionary word, or a word closely related to you.
Using a birthday as a significant number is not a good idea. A hacker doing an attack based on “Social Engineering” you will know dates like that.
While the article has valuable information of which I shall take advantage, I must say that the word “less” in the first sentence is totally incorrect. The proper and correct word is “fewer”. The rule is that if you can count anything, the word when comparing is fewer. When you can’t count, as in milk, the word is less.
Lee, you’re absolutely right. Fewer is correct. Thanks for the grammatical correction.
And Ron, I was merely using Pa55w0rd as a less-crummy alternative to “password”. Of course, the more complex your password is, the harder that it will be for hackers or hacking programs to guess. I was trying to point out (perhaps I failed) that using a combination of upper and lower case letters and numerals and/or special characters strengthen your password. No, for me to use Pa$$w0rd1964 as my password wouldn’t be the best idea, but it would beat the heck out of “password”.
Thanks for the comments.
Randal
I was under the impression that our passwords are visible ‘elsewhere’ I was on one of the sites that worldstart had shown that shows our passwords.
has this changed?