We all have it drummed into us to use different passwords for everything, but how many of us actually do? And how many of those use more than 2 or 3 passwords over and over again?
If you ask yourself why not, it’s probably because you can’t or don’t want to remember lots of different passwords, and you don’t want to put your trust in a third-party password manager.
What you need is a system that lets you use the same password for everything but also changes it for everything. Simple, huh?
Sure it is. Without wanting to give too much away, here is my system…
A password should be constructed of 3 parts. One is the passphrase itself, which never changes; one is obtained from the site you are logging in to; and the third is to do with time. Without going into too much detail of how I do it, you might…
- Pick your passphrase. Something you will remember and something that ticks all the standard boxes of password selection: not likely to be found in a word list (forwards or backwards), not your child’s name or maiden name, 6-8 characters, contains uppercase letters, lowercase letters, numbers etc. (e.g. Passw0rd – bad example, but you get the idea)
- Add the first/last 4 letters of the site you are logging in to. Pick the end, or the start, or somewhere in the middle. Maybe just pick 2 letters. Maybe reverse them. Anything, as long as it’s the same each time. (e.g. Passw0rdTwit for Twitter, Passw0rdFace for Facebook)
- Add the last two digits of your age. Or use the financial quarter, or the month, or the day of the week. Something you will be able to track. Personally, I like to use financial quarters because they are easy to track, repeat themselves over and over, help me to know if my passwords require a 3-monthly reset, and usually if I forget, there’s only a couple of possibilities if I can recall roughly when I set up the account. (e.g. Passw0rdTwit1, Passw0rdTwit2 etc…)
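The three steps above as a Python sketch. This is an added example, not the author's own code; the function names are hypothetical, and it assumes calendar quarters stand in for financial quarters, that the site part is the first four letters of the name before the TLD, and that the passphrase is the post's sample. `recall_candidates` covers the case of only roughly remembering when an account was set up.

```python
from datetime import date
from urllib.parse import urlparse

BASE = "Passw0rd"  # the post's own sample passphrase (constructed value)


def site_fragment(site: str, length: int = 4) -> str:
    """First `length` letters of the site name, capitalised ('Twit', 'Face')."""
    host = urlparse(site if "//" in site else "//" + site).hostname or ""
    labels = [p for p in host.lower().split(".") if p and p != "www"]
    if not labels:
        raise ValueError(f"no site name in {site!r}")
    # Assumption: the name is the label before the TLD (or a bare name).
    # Multi-part suffixes such as .co.uk would need a public-suffix list.
    name = labels[-2] if len(labels) > 1 else labels[0]
    letters = "".join(c for c in name if c.isalpha())
    if not letters:
        raise ValueError(f"no letters in site name {name!r}")
    return letters[:length].capitalize()


def quarter(when: date) -> int:
    """Quarter number 1-4 (assumption: the financial year starts in January)."""
    return (when.month - 1) // 3 + 1


def build_password(base: str, site: str, when: date) -> str:
    """Passphrase + site part + time part, in the order the post uses."""
    return f"{base}{site_fragment(site)}{quarter(when)}"


def recall_candidates(base: str, site: str, earliest: date, latest: date) -> list:
    """Every password the scheme could have produced between two dates."""
    if earliest > latest:
        raise ValueError("earliest must not be after latest")
    quarters = []
    year, month = earliest.year, earliest.month
    # Walk month by month; quarters repeat yearly, so four is the maximum.
    while (year, month) <= (latest.year, latest.month) and len(quarters) < 4:
        q = (month - 1) // 3 + 1
        if q not in quarters:
            quarters.append(q)
        year, month = (year + 1, 1) if month == 12 else (year, month + 1)
    frag = site_fragment(site)
    return [f"{base}{frag}{q}" for q in quarters]
```
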
It seems convoluted and paranoid, but it’s pretty easy to remember once you get used to it. None of your passwords will ever be the same, and all you have to remember is the same phrase and whatever your personal system is.
Obviously there’s a 4th point – don’t use the same system for your banking or your master email account. Either use a different system for really sensitive accounts, or don’t use a system for them at all. Just remember those ones!
I’ve been doing this for a while now and find it works quite well, but now that I’ve shared it with the world I am going to have to change my system to something else!