Tuesday, July 22, 2008


Here's how I make good passwords:

Pick a short keyword that's easy to type -- say, 'left'. Replace some letters with numbers (l3ft) and, for good measure, capitalize some stuff (l3Ft). Now, every time you need to make a password for something, take the name of the thing and stick your keyword on to it somewhere: l3Ftgmail.

This part is fairly well-known (although, still, not enough people use it!!!). What's fun is to make like a linguist and treat your keyword as a real affix. You can affix it anywhere to the name of whatever you need a password for, not just at the beginning or end (prefix or suffix). You can also infix it (gl3Ftmail or gmail3Ftl), or circumfix it (l3gmailFt).

This method doesn't completely specify your password. Sometimes you need to use an acronym for the service instead of the full name (su, or supon, for StumbleUpon), to keep the password from being too long. And sometimes I can't remember whether my YouTube password uses yt, ytube, or youtube. But it doesn't matter, because there are only a few possibilities I need to guess. What's more, this makes it easy to change passwords and still remember them fairly easily -- just move your keyword from prefix to suffix to circumfix to infix...


  1. I don't use a different password for each service, but I have three or four different passwords that I use, depending on circumstances.

    Generally, my passwords are based on the technique whereby you take the first letter of every word in a sentence (which in my case are quotations from books). In some cases, I change certain letters into numbers, or insert numbers, based on easy to remember principles relevant to the original quotation.

    I'd like to tell you what my main password is, because the quotation it's based on is elegantly pertinent to some of the Internet activities I use it for (such as blogging), and so I'm quite proud of the choice. However, ...

  2. Creating a password doesn't always have to take up so much energy. There are applications out there designed just to generate passwords (and even store them).

    I work for Passpack, which is one of those applications.

    According to a Microsoft study the average internet user has 25 online accounts and only 6.5 passwords - so it seems that you fit into that stat - (so did I for a long time!)

    But keep in mind that reusing passwords can be risky - obviously if one is compromised, so are all the rest.