These days, keeping all your passwords straight can be an almost impossible task. Every website and application needs a password. Do you pick the same password and use it everywhere or do you write them down? If you use the same password, you’ll lose them all as soon as any one of those systems gets compromised. But if you write them down, you lose them all when your sticky-note gets lost or stolen.

Here’s a trick for making semi-customized passwords that will be easy to memorize but still unique to each site.

Pick a "static" password. (For this example, I’ll use "Bluebird" but a passphrase is much better.) Now look at the website or application that you’re signing onto. Make up a personal rule about the website name such as:

  1. The first character of my password will always be the second letter of the website’s name.
  2. The second character of my password will always be the number of characters in the website’s name.
  3. The third character will be a dash.

The password at Amazon would be "m6-Bluebird" and at eBay would be "b4-Bluebird". The password on your home Dell computer might be "e4-Bluebird". A password in this pattern is reasonably strong because it has all four character classes (uppercase, lowercase, number, punctuation) and because it doesn’t follow the predictable tendency for English speakers to capitalize the first letter and put the number(s) at the end. Best of all, every password is different but you only have the one phrase to memorize and one rule.

There are a couple of limitations to this technique.

  • You must be the only person who knows your exact rules. Do not use the exact rules above. Make your own choices about which letter, punctuation, etc.
  • Some systems won’t allow special characters (like the dash) or may have size limits on the password. Unfortunately, there’s no easy way around those problems. Make the best choice you can given the limits of the system and write down only enough to remind yourself what’s different (such as "401k – no dash"). If it’s an important system (like your online bank), lobby the company to allow stronger passphrases.
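The rules and both limitations above, worked through in Python. This is an added example, not code from the original post: the function names are made up for illustration, the lowercasing of the site letter is inferred from the eBay example, and dropping punctuation or cutting the end off an over-long password is only one possible choice for restricted systems.

```python
import string

def site_prefix(site):
    """Rules 1-3 from the post: second letter of the name, name length, dash."""
    name = site.strip()
    if len(name) < 2:
        raise ValueError("rule 1 needs a site name of at least two characters")
    # Lowercasing is inferred from the post's eBay example ("b4-", not "B4-").
    return f"{name[1].lower()}{len(name)}-"

def derive(site, static):
    """Per-site password: rule-based prefix followed by the memorized phrase."""
    return site_prefix(site) + static

def character_classes(password):
    """Return which of the four character classes appear in the password."""
    found = set()
    for ch in password:
        if ch.isupper():
            found.add("upper")
        elif ch.islower():
            found.add("lower")
        elif ch.isdigit():
            found.add("digit")
        elif ch in string.punctuation:
            found.add("punct")
    return found

def adapt(password, allow_punctuation=True, max_length=None):
    """Apply a site's restrictions; return (password, reminders to write down).

    Assumption: punctuation is dropped and over-long passwords are cut at the
    end. The post leaves that choice to the reader.
    """
    notes = []
    if not allow_punctuation and any(c in string.punctuation for c in password):
        password = "".join(c for c in password if c not in string.punctuation)
        notes.append("no punctuation")
    if max_length is not None and len(password) > max_length:
        password = password[:max_length]
        notes.append(f"first {max_length} characters only")
    return password, notes

if __name__ == "__main__":
    for site in ("Amazon", "eBay", "Dell"):
        pw = derive(site, "Bluebird")
        print(site, pw, sorted(character_classes(pw)))
    # "401k" is the restricted system named in the post's second limitation.
    pw, notes = adapt(derive("401k", "Bluebird"), allow_punctuation=False)
    print("401k", pw, notes, sorted(character_classes(pw)))
```

On a system that rejects the dash, the adapted password covers only three of the four character classes, which is the strength cost of the second limitation.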
