I’ve been meaning to get on these for a while now. I intend to cover some real basic PHP introduction stuff, maybe some dev app guides and so on. Obviously, the common WordPress hacks that people ask me to do.
For now though here’s me just saying ‘hello’ and introducing you to my hamster, Joe Namath.
You may have seen these stories in the news recently, relating to some attacks on Google, the German Government and Internet Explorer.
The original news item
The subsequent reaction
I’ve tried as hard as I can to come up with something useful to say on the subject, but the only thing I keep coming up with is ‘use Firefox’.
So here we have it. Use Firefox.
We all have it drummed into us to use different passwords for everything, but how many of us actually do? And how many of those use more than 2 or 3 passwords over and over again?
If you ask yourself why not, it’s probably because you can’t / don’t want to remember lots of different passwords & that you don’t want to put your trust in a 3rd party password manager.
What you need is a system that lets you use the same password for everything but also changes it for everything. Simple, huh?
Sure it is. Without wanting to give too much away here is my system…
A password should be constructed of 3 parts. One is the passphrase itself which never changes, one is obtained from the site you are logging in to and the third is to do with time. Without going into too much detail of how I do it, you might…
- Pick your passphrase. Something you will remember and something that ticks all the standard boxes of password selection. Not likely to be found in a word list (forwards or backwards), not your child’s name or maiden name, 6-8 characters, contains uppercase letters, lower case letters, numbers etc. (EG Passw0rd – bad example but you get the idea)
- Add the first/last 4 letters of the site you are logging in to. Pick the end, or the start or somewhere in the middle. Maybe just pick 2 letters. Maybe reverse them. Anything as long as it’s the same each time. (EG ‘Passw0rdTwit’ for twitter, Passw0rdFace for facebook)
- Add the last two digits for your age. Or, for the financial quarter, or for the month, or the day of the week. Something you will be able to track. Personally, I like to use financial quarters because they are easy to track, repeat themselves over and over, help me to know if my passwords require a 3 monthly reset, and usually if I forget, there’s only a couple of possibilities if I can recall roughly when I set up the account. (EG Passw0rdTwit1, Passw0rdTwit2 etc…)
It seems convoluted and paranoid, but it’s pretty easy to remember once you get used to it. None of your passwords will ever be the same, and all you have to remember is the same phrase and whatever your personal system is.
Obviously there’s a 4th point – Don’t use the same system for your Banking or your master Email account. Either use a different system for really sensitive accounts, or don’t use a system for them at all. Just remember those ones!
I’ve been doing this for a while now and find it works quite well, but now I’ve shared it with the world I am going to have to change my system to something else!
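The three-part construction described above, written out as an added example (not the author's own system or code), together with a small audit that measures how much of each resulting password is the same shared base. Function names are hypothetical, the quarter is assumed to follow the calendar year, and the sample values are constructed from the post's own `Passw0rd` illustration.

```python
import os
from datetime import date

def site_fragment(site: str, length: int = 4) -> str:
    """First `length` letters of the site name, capitalised (one option the post lists)."""
    letters = "".join(ch for ch in site if ch.isalpha())
    return letters[:length].capitalize()

def quarter(day: date) -> int:
    """Quarter 1-4. Assumption: quarters follow the calendar year."""
    return (day.month - 1) // 3 + 1

def build_password(passphrase: str, site: str, day: date) -> str:
    """Part 1 (fixed passphrase) + part 2 (site fragment) + part 3 (time marker)."""
    return f"{passphrase}{site_fragment(site)}{quarter(day)}"

def audit(passwords: list[str]) -> dict:
    """Report how much of a set of passwords is one shared base."""
    base = os.path.commonprefix(passwords)       # leading run common to all entries
    tails = [p[len(base):] for p in passwords]   # what actually differs per site
    shortest = min(len(p) for p in passwords)
    return {
        "shared_base": base,
        "tails": tails,
        "shared_fraction": round(len(base) / shortest, 2),
    }

if __name__ == "__main__":
    # Constructed sample: the post's example passphrase, two sites, one date.
    day = date(2010, 2, 1)
    pws = [build_password("Passw0rd", s, day) for s in ("twitter", "facebook")]
    print(pws)
    print(audit(pws))
```

For the two sample passwords the audit reports `Passw0rd` as the shared base and only `Twit1` / `Face1` as site-specific, so every account's strength rests on that one passphrase staying secret and hard to guess.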
Not strictly something she said, but something worth a mention all the same.
Sat in my chair the other night feeding our two week old son, and Laura-Jane walks in and wants to show me something related to babies on the internet. Awesome. I love baby stuff on the internet, it’s one of my all time top 5 stuffs on the internet.
Admittedly we both had about 2 hours sleep between us at this point due to our son deciding that he doesn’t want to be put down at any point between midnight and 8AM, but still it brought a smile to my face when I watched Laura-Jane sit down in front of my machine, think for a second, then type the word ‘google’ into Google, click on the first search result (i.e. Google) and then proceed to google whichever bit of baby stuff she was trying to show me. I forgot that part. I won’t forget the googling incident for a while though…