Another look at passwords

In a prior post I talked about managing passwords and briefly touched on not using the same password on multiple sites. I’d like to expand that discussion with some practical examples.

Let’s just think about this. How many sites ask for your email address as the username for their site? OK. Now what if you use your favourite password on that site? Now what if your favourite password just happens to be the one you use for your email account? You’ve just given the web site the login credentials for your email account.

What if you provide a username and password and both the username and the password are used on multiple sites? Are you starting to get the picture?

At this point you’re probably trying to work out which sites you’ve passed out credentials to that match your email, telephone, iTunes, eBay, or PayPal accounts.

If this is you, it’s probably time to rethink how you use passwords.

Techniques for creating memorable passwords

I’ve heard of various techniques to create memorable passwords. One example is munging certain letters of the site name with a constant that contains a bunch of special characters and digits. For example, take the last four characters of the site name backwards, capitalise the second letter, then add the constant string. If your constant string is “e?D2”, then your eBay password would be “yAbee?D2”. Your Hotmail password would be “lIame?D2” (the second letter is an uppercase i). You get the idea. This scheme satisfies most password requirements: minimum length, at least one digit, mixed case, and one special character.
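
The scheme above as a runnable sketch, added here as an example and not the author's code: it derives the password for a site, checks it against the requirements the post lists, and shows which part of the password is the same on every site. The function names, the minimum length of 8 and the short site name "BT" are assumptions made for the illustration.

```python
import string

CONSTANT = "e?D2"  # the constant string used in the post's example


def site_part(site: str) -> str:
    """Last four characters of the site name, reversed, second letter upper-cased."""
    tail = site.lower()[-4:][::-1]
    return tail[:1] + tail[1:2].upper() + tail[2:]


def derive(site: str, constant: str = CONSTANT) -> str:
    """Site-specific part followed by the constant, as the post describes."""
    return site_part(site) + constant


def policy_gaps(password: str, min_length: int = 8) -> list[str]:
    """Return the requirements the password fails (min_length=8 is an assumed value)."""
    checks = {
        "length": len(password) >= min_length,
        "digit": any(c.isdigit() for c in password),
        "lowercase": any(c.islower() for c in password),
        "uppercase": any(c.isupper() for c in password),
        "special": any(c in string.punctuation for c in password),
    }
    return [name for name, ok in checks.items() if not ok]


def reused_part(password: str, site: str) -> str:
    """What is left once the part derived from the site's own name is removed."""
    prefix = site_part(site)
    return password[len(prefix):] if password.startswith(prefix) else password


if __name__ == "__main__":
    # "BT" is a constructed case: a site name shorter than four characters.
    for site in ("eBay", "Hotmail", "PayPal", "BT"):
        pw = derive(site)
        print(f"{site:8} {pw:10} fails={policy_gaps(pw)} "
              f"reused={reused_part(pw, site)!r}")
```

Only the first four characters change between sites, and they come from the site's own name, so the constant is the part that ends up reused everywhere. A site name shorter than four characters also produces a password that falls under the assumed minimum length.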

If you’ve thought of another technique for creating memorable passwords, please leave a comment.