I Hate Changing Passwords

But we need to anyway 🙁

My work email system has been bugging me for a few days that my password is about to expire. I hate changing my password, but do realize in today’s world it has become quite critical to come up with secure passwords and change them often. But how do you create a good password?

Without giving anything specific away, do you have a method you recommend? I used to think I was clever. Here’s what I DON’T do any more: make passwords from common words or names and simply swap out some letters with characters that look similar, like “sh@nn0n”.

So a while ago I did some research on ways to come up with a better password. I’m certainly no expert, and would love you to share any good ways you’ve heard of creating and remembering a good one. Since I have to change my password today, I thought I’d share my process.

What I do now is come up with a sentence that I can remember, for example: “Three blind mice see how they run.” This I turn into “3Bm$#tr.” Okay, it’s certainly not the best password, but it’s much better than most I used in the past. Of course, don’t use a common quote.

Make up your own sentence. Something you can remember, e.g. “My baby girl Sally is one year old” becomes “MbgSi1y0”. Have a favorite book? Use the third sentence in the third paragraph in the third chapter to create your password. Just be sure you can remember or look it up easily.

Once you’ve picked it, make one or two letters upper case. Then change one or two letters to be numbers. And insert one or two non-alphabetic characters, e.g. .(period), !, *, %, &, or #. A few sites restrict use of non-alpha characters, but if they allow it, they increases security greatly.

A few other suggestions:

The longer the password the better; with at least eight characters a minimum. Do not tell anyone, do not write it down, do not save it in a file, etc. Even if someone can guess the words, it will still be hard to guess your password. Putting it on a sticky note on the front of your computer, though, is a very bad idea.

Clearly, don’t construct a password from your name, family names, addresses, phone numbers and such. Also don’t use words one would find in the dictionary, as some password cracking software starts there. Oh, and writing words backwards doesn’t help. If you can think of it so can they.

And don’t use the same password for different sites. If you do and one site is compromised they all are. I know it’s a pain, but they all need to be different. At least if you must use only one, make it a good one, and add a site specific letter, e.g. insert an extra “f” for Facebook or “y” for Yahoo.

If a website uses password recovery questions, if possible create your own. Don’t use things like your mother’s maiden name or what city you were born in, etc. Too easy for people to find! And use different questions on different sites, so if one is compromised, they all aren’t.

Okay… enough stalling. I need to go create a new password for my email. Do you have any recommendations on a good method?

2 comments

  1. All good tips, and a good reminder with so many people getting ready to shop online for the holidays. I try to change my passwords at least once a year, though 2 or 3 times is probably better.

    1. Thanks for your comment, Barb. This is an old blog I wrote before anyone even knew who I was. Not that I’m that well known now. 😉 Yes, it is a good time to change now before shopping online. And 2 or 3 times a year, while a pain in the butt (especially for someone as memory impaired as me) really does make sense. Thanks again for dropping by, Barb!

Leave a Reply to Michael Schmid Cancel reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Pinterest
Pinterest
fb-share-icon
Instagram