Creating Good Passwords

Last summer my email & eBay accounts were hacked. I don’t know who hacked into them, how they did it, or why they were inquiring into purchasing industrial water tanks on eBay. I had used the same 2 passwords for all of my online accounts for more than 10 years – one for personal stuff, one for work stuff. Let me just say – that is a bad idea: when someone gets one of your passwords they have all of them (or, in my case, half of them).

When I was finally able to get back into my account I immediately changed all of my passwords on every online account I have. And, I changed them all to something different than every other one.

I know what you’re thinking – perhaps the water tanks were for a giant hot tub. You may be right, I’ve thought of that too, but that’s not what is important here. The question you should be asking is, “How do you remember a different password for every site?”

Creating a Password

Following the tips that I found at another tech blog, Lifehacker, I was able to create passwords that are all different from each other, but that I can remember based on the site I’m using them for.

I’d suggest reading Lifehacker’s full article, but here are the two basic tips:

  1. Don’t use the same password for everything.
  2. Remember hundreds of passwords by using 1 rule-set.
  3. Use a base password and add onto it.

I used all of these tips to create my new password – obviously I had learned the danger of having one password for all of my sites. An example of using these rules can look like this:

Say your old password is “password” or “1234” (always the worst passwords). First, let’s improve it by putting the letters together with some numbers (or the other way around). You could use the digits in your phone number, your childhood address, your dad’s belt size, whatever. In our case we end up with:

password1234

You could improve it from here and scramble it creating something like this:

p1a2s3s4word

You’re still using your favorite number and your old password and you can remember it pretty easily. But, this would still leave you with using the same password on every site. The simple way to fix this is by somehow incorporating the name for the site into your password. You can add just the first letter, or the last few letters or whatever you choose (I had thought about using the first word on the page, but that can change far too easily).

So, if our imaginary password was going to be used at eBay, it could turn into any one of the following:

p1a2s3s4worde
ep1a2s3s4word
p1a2s3s4wordbay
ayp1a2s3s4word
ebp1a2s3s4worday

You could even scramble the word with the password and get the easy-to-remember monstrosity of:

p1a2s3s4weobrady

Variables

Some sites, like our email system, require you to also scramble in capital letters (which I just learned can also be called majuscules) while others may enforce adding special characters:

!@#$%^&*?><:”;’[],.+=_-♠♣♥™↑‡

All you need to do is make a rule for what you’re going to do when that’s the case and turn it into something like:

P1a2s3s4wordE!

Now, the only thing you need to remember is which site requires which… though you could use the special characters for all of your sites as well.

Password Managers

No, I will not suggest that you hire someone just to remember your passwords for you. These are programs that will keep them secure (behind a password of its own). Some of them can even auto-type the username and password in when you tell them to. Next week I’ll talk about one of those programs and I’ll show how useful (and secure) they can be.

Anti-Virus Applications

This past week I got an email from a staff friend that contained a forward warning about a “new” computer virus. While it is a real virus and really can do significant damage to your system and stored information, there was a bit of panic-inducing misinformation:

>> This is the worst virus announced by CNN. It has been
>> classified by Microsoft as the most destructive virus ever.
>> This virus was discovered by McAfee yesterday, and there is
>> no repair yet for this kind of virus…

While this virus is not “the worst” or “most destructive” virus, all viruses can be a pain in the neck and it is important to have an antivirus in place to guard your computer and your information against these destructive little programs that (sometimes) really are able to erase whole hard drives.

For antivirus options you can go a number of different ways, from proprietary (and costly) programs like McAfee and Norton to free (and effective) ones such as Avast! or AVG.

Avast!

I have installed Avast! on all of my machines and on a number of ones for family and friends and have had and heard nothing but good things from it.

To install the free Avast!4 Home Edition all you have to do is download it and register it for free every 18 months. It will be updated as often as new virus definitions come out and you won’t have to worry about viruses any longer.

Also, it seems that Avast! has an inexpensive Mac version (less than $40) for 3 years of virus protection and coverage.

I am not sure whether or not I would suggest getting rid of a proprietary antivirus software, but I have never had any virus get to any machine that I’ve put Avast! on (keep in mind, I probably browse websites and download programs more often than most users).

Beyond recommending a specific antivirus, I must stress this: make sure you have some sort of antivirus software! You never know when you’re going to visit a reputable site that has been hacked, like CNN.com was just this spring.

If you’d like to check out other free antivirus software options (AVG, Nod32, Avira and Kaspersky antivirus programs) I’d suggest the list on this post at LifeHacker.com.