Creating Good Passwords
Last summer my email & eBay accounts were hacked. I don’t know who hacked into them, how they did it, or why they were inquiring into purchasing industrial water tanks on eBay. I had used the same 2 passwords for all of my online accounts for more than 10 years – one for personal stuff, one for work stuff. Let me just say – that is a bad idea: when someone gets one of your passwords, they have all of them (or, in my case, half of them).
When I was finally able to get back into my account I immediately changed all of my passwords on every online account I have. And, I changed them all to something different than every other one.
I know what you’re thinking – perhaps the water tanks were for a giant hot tub. You may be right, I’ve thought of that too, but that’s not what is important here. The question you should be asking is, “How do you remember a different password for every site?”
Creating a Password
Following the tips that I found at another tech blog, Lifehacker, I was able to create passwords that are different from each other, but that I can remember based on the site that I’m using them for.
I’d suggest reading Lifehacker’s full article, but here are the two basic tips:
- Don’t use the same password for everything.
- Remember hundreds of passwords by using 1 rule-set.
- Use a base password and add onto it.
I used all of these tips to create my new password – obviously I had learned the danger of having one password for all of my sites. An example of using these rules can look like this:
Say your old password is “password” or “1234” (always the worst passwords). First, let’s improve it by putting the letters together with some numbers (or the other way around). You could use the digits in your phone number, your childhood address, your dad’s belt size, whatever. In our case we end up with:
password1234
You could improve it from here and scramble it creating something like this:
p1a2s3s4word
You’re still using your favorite number and your old password, and you can remember it pretty easily. But this would still leave you using the same password on every site. The simple way to fix this is to incorporate the name of the site into your password. You can add just the first letter, or the last few letters, or whatever you choose (I had thought about using the first word on the page, but that can change far too easily).
So, if our imaginary password was going to be used at eBay, it could turn into any one of the following:
p1a2s3s4worde
ep1a2s3s4word
p1a2s3s4wordbay
ayp1a2s3s4word
ebp1a2s3s4worday
You could even scramble the word with the password and get the easy-to-remember monstrosity of:
p1a2s3s4weobrady
Variables
Some sites, like our email system, require you to also scramble in capital letters (which I just learned can also be called majuscules) while others may enforce adding special characters:
!@#$%^&*?><:”;’[],.+=_-♠♣♥™↑‡
All you need to do is make a rule for what you’re going to do when that’s the case and turn it into something like:
P1a2s3s4wordE!
Now, the only thing you need to remember is which site requires which… though you could use the special characters for all of your sites as well.
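The rule-set above, written out as an added example (not code from the original post or from Lifehacker): it reproduces the eBay variants shown in the post and reports which part of the password stays the same between two sites. The function names, rule names and the second site name "webmail" are assumptions made for illustration.

```python
# Added example, not from the original post. Names here are assumptions.
from difflib import SequenceMatcher

def weave(word, extra):
    """Alternate characters: weave("password", "1234") -> "p1a2s3s4word"."""
    out = []
    for i, ch in enumerate(word):
        out.append(ch)
        if i < len(extra):
            out.append(extra[i])
    out.append(extra[len(word):])  # leftovers when `extra` is the longer one
    return "".join(out)

def site_password(base, site, rule="suffix_first", strict=False):
    """Work the site name into the base password using one fixed rule."""
    site = site.lower()
    if rule == "suffix_first":      # first letter of the site at the end
        pw = base + site[0]
    elif rule == "prefix_first":    # first letter of the site at the front
        pw = site[0] + base
    elif rule == "split":           # first two letters in front, rest behind
        pw = site[:2] + base + site[2:]
    elif rule == "weave_tail":      # scramble the site into the tail of the base
        cut = max(0, len(base) - len(site))
        pw = base[:cut] + weave(base[cut:], site)
    else:
        raise ValueError(f"unknown rule: {rule}")
    if strict:
        # Rule for sites that demand capitals and a special character:
        # capitalise the first and last character, then append "!".
        pw = pw[0].upper() + pw[1:-1] + pw[-1].upper() + "!"
    return pw

def common_core(a, b):
    """Longest run of characters that two site passwords have in common."""
    m = SequenceMatcher(None, a, b, autojunk=False)
    blk = m.find_longest_match(0, len(a), 0, len(b))
    return a[blk.a:blk.a + blk.size]

if __name__ == "__main__":
    base = weave("password", "1234")
    for rule in ("suffix_first", "prefix_first", "split", "weave_tail"):
        print(f"{rule:13} {site_password(base, 'eBay', rule)}")
    print("strict       ", site_password(base, "eBay", strict=True))
    # "webmail" is a constructed second site name for the comparison.
    ebay, mail = site_password(base, "ebay"), site_password(base, "webmail")
    core = common_core(ebay, mail)
    print(f"{ebay} / {mail}: {len(core)} of {len(ebay)} characters shared ({core})")
```

With one rule applied to every site, only the site-derived characters change from password to password; the shared core is the base password itself.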
Password Managers
No, I will not suggest that you hire someone just to remember your passwords for you. Password managers are programs that will keep your passwords secure (behind a password of their own). Some of them can even auto-type the username and password in when you tell them to. Next week I’ll talk about one of those programs and I’ll show how useful (and secure) they can be.