We all have a growing number of accounts, websites and other security measures which require an endless number of passwords. However, a primary rule of good password practices is to never use the same password twice. Another standard password practice is to reset your passwords every 30, 60 or 90 days. So how in the world do you keep all those passwords straight?
I learned some great tips over the years that helped me remember my passwords and when to change them. More important, I learned a way to make password changes creative and actually enjoyable. Here are some of my favorite tips:
1. Objectives as Passwords
Make your password relevant. Make each password a personal objective to remind and inspire you at each sign in. It is important this objective is not something an external party could guess (such as an objective you state publicly). Here are some sample objectives:
– Weight loss goal
– Debt reduction target
– Someone you want to build a strong relationship with
– A project you want to launch
– Sales goal for the quarter
Whatever the objective, make it something you want to achieve before the next password change. Then, when you go to change your password, it can be a self-evaluation against your goal.
2. Include the Time
Include the time frame into your objectives-based password. For example, if the goal is to be completed at each interval of 30, 60 and 90 days, work the numbers 3,6 and 9 into the password.
3. Substitute Numbers for Letters
To avoid hacking tools “guessing” your password, be sure to substitute numbers for letters. For example, put a number “4” in the pl4ce of the letter “A” a 3 for “E”, 1 for “I’s” and so on. Just don’t do all of them.
4. Rotate on Key Dates
Let key dates be your reminder to update passwords. For example, birth dates of friends and family. The same day of your birthday or anniversary, every third month and so on.
5. Group According to Risk Exposure
All passwords are important and should be treated carefully. But let’s be honest, if somebody hacked your free streaming music account, you would not be as worried as if they hacked your bank account. Although thieves often manipulate one hacked account to gain access to others, there is a degree of risk associated with each. With this in mind, I group my passwords. Those with higher risks are changed much more frequently and get the strongest passwords.
Do not use precisely these examples yourself. However, here are some sample passwords based on the above tips:
- 1bs159d4y (15 pounds in 90 days)
- 9day1c4rd (90 days, 1 card)
- J0nDoe60 (Jon Doe, 60 days)
Security experts may argue that passwords should be completely meaningless – a string of unintelligible letters and numbers. If you hold the launch codes to nuclear missiles (Mr. President, this means you), please, listen to them! For everyone else, I found these tips very useful in my own practice of password management and hope you will too.
Question: What other tips do you have for maintaining secure, but helpful passwords?