said 1 year, 2 months ago:
Passwords. The proverbial pain in the backside we all have to deal with. Using strong, secure passwords is just a smart thing to do when visiting websites. And we’re told to use a unique one for each site. How is that even possible to remember? There are many different companies willing to store or generate all of your passwords for you, like LastPass, PassPack, KeePass and others. If you feel comfortable with an independent company having access to all of your passwords, then that may be the way to go for you. If, however, you would feel better having a different, secure password, for each and every site you visit, and never forget a one, then read on.
Below I will teach you a formula that I use for creating secure and unique passwords. I’ll try to be as concise and succinct as possible but it may be a little wordy because I want you to get it the first time. Once you’ve got the concept down and decide on the formula you will implement, it is quite easy to use and remember. If remembering your passwords has been a source of aggravation for you, then please take the time to read through this paper. It could render the rest of your life free from password recall aggravation.
So what constitutes a good password? There are two variables to work with: password length and password characters. Password characters are the set of characters, which can be used to type out a password on a standard keyboard.
Password characters available:
lowercase alphabet – 26 characters
lowercase and uppercase alphabet – 52 characters
lowercase and uppercase alphabet and numerals (alphanumeric) – 62 characters
alphanumeric + all type-able symbols found on your keyboard – 95 characters
Password length available:
Your password length is only limited by the password system employed on the particular site you’re visiting. Most websites require a password of at least 6 characters in length. Some sites require you to have at least one upper and one lower case letter. Some require the addition of a number. And yet others require you to use a special character. Some do not allow special characters. Our goal is to design one password formula that will work for all sites. For the example explained in this paper, I will design for an 8-character length alphanumeric password. An 8-character length password made up from a 95-character set, will yield a total of 6,634,204,312,890,625 possible different password combinations. I’m comfortable with that.
So… How do we do it? It’s quite easy. The only thing you will have to remember in order to design a unique, good password for each site you visit, is a formula. This formula will be made up of numbers and letters, of whatever length you decide. We’ll design a password for the sample site http://www.anysite.com. To keep this formula very easy to remember, I’m going to choose that the formula be made up of four numbers and four letters. The numbers will be, 1,2,3 and 4 and will be the same in all passwords. Then I’ll choose 4 letters, two of which will be capitalized. The letter choices will be derived from the website URL that I am visiting. Next, I’m going to choose which letters I will use from the URL. Determine and select the position of the letters that you’ll use on every site, e.g. the first four letters, the last four letters, the first two and the last two, or the first one and the last three, whatever you like. This preferential letter position will be absolute across all websites. If you decide to use the first three letters after www and the last letter before .com, then it’s position one, two and three, plus the letter in the last position, for every site. To make it simple, I’ll choose the first two letters after www and the last two letters before .com for the password of every site. Again, these are the positions of the letters that we choose from the name of the URL e.g. the first two and last two of the website http://www.anysite.com would be the letters an and te. I don’t use the www or the com as letters in my formula. This way you’ll always have different letters for every site.
The next thing you have to decide on is which letter(s) you are going to capitalize. We’re going to choose to always capitalize the first two letters. So now we have four numbers, 1,2,3 and 4, and four letters AN and te. The next step is to combine the numbers and letters. For this example we’ll assemble the password by choosing two letters, AN. Then two numbers, 1,2. Two more letters, te. Then two more numbers 3,4. So our password for http://www.anysite.com, using this formula of two letters, two numbers, two letters, two numbers, looks like AN12te34. That’s it. The only thing you have to remember is a four-digit number of your choice, or a three digit, or a five digit, whatever you’d like, plus a simple formula that you’ll follow for every site. I’ve used this system of creating a formula for passwords, for quite some time now and I have never forgotten one. And with 6,634,204,312,890,625 possible different combinations from just an eight-character password, I feel pretty secure.
To recap, building your formula will require you to decide on five items:
1) the character length of your alphanumeric password
2) how many letters and how many numbers will you use for every password
3) what position in the URL will those letters come from, e.g. first two, last two
4) which letters will be capitalized, e.g. the first one, first two, the last one, etc.
5) how you will arrange the characters, e.g. two numbers, two letters, two numbers, two letters, etc.
The last two items we need to cover is special characters, and the sites you visit that have fewer characters in their URL than you have in your formula. You’ll need to choose a default for both of these. Sites that require a special character are few and there are more sites that don’t allow them than there are sites that require them.
So, decide on a default special character that you will use on any sites that require it, and in which position you will place it, e.g. in the beginning, in the end, in the middle, etc. If we chose a dollar sign as our default special character and http://www.anysite.com required a special character, the password would be AN12te34$.
The last rule you’ll have to determine is what to do when presented with a site URL that has fewer characters than your formula requires. One that I can think of is American Airlines. The URL is http://www.aa.com. If I’ve chosen to use an eight character formula, comprised of four letters and four numbers, I’d have to come up with two additional letters to keep my formula consistent across all websites. I’ll choose the default letter(s) to be z and I will always place it in the last letter positions. You can choose any letter(s) and use them in any position, as long as you use the same defaults on every site you come across that would need them. So using our formula of two capitalized letters, two numbers, two lowercase letters, two numbers, our password for American Airlines would be AA12zz34.
I hope I’ve explained this clearly. My goal is to lend a hand and relieve you of any password recall aggravation. If you have any questions just send me a note or feel free to call me at 508.725.9000.