How to have lots of passwords without struggling to remember them

The news splash about the major PlayStation Network security breach possibly affecting 3 million people in the UK brings into sharp focus the scourge of our digital age – the password dilemma. Should you be secure and use lots of different passwords? Or is it more convenient and easy to remember just one or two?

Almost everything online needs a password these days: shop accounts, social networking sites, university and email logins, banks, credit cards, insurance, savings and more. I don’t know about you – but I suspect I’ve over 50 different accounts and all the passwords for these need remembering somehow – and unless you’re a memory maestro that’s impossible.

Yet not doing it is a nightmare too – we’re constantly nagged to use different passwords. Those who chose convenience and used the same password for their PlayStation Network account as for their bank or other secure code, now know why it’s so important to use different passwords. They need to immediately change the password on their other accounts otherwise the criminal hackers may well have enough of their ID to utilise it (see PlayStation hack news for more on self-protection).

How to marry security and convenience.

Over the years I’ve developed my own personal system for keeping an easy but secure track of my passwords. I’m not saying it’s perfect; I just thought it worth jotting down. I’m sure many others do similar things in parallel and I’d love to know your systems.

I’ve described similar principles to what I do below, though with some details and techniques changed slightly for my own security. It may seem a little complex but actually as it’s developed organically over the years, it’s become an easy natural progression, though I accept it’d be more difficult to do it all in one go.

  • Step 1: Establish a number of key words. 

    Pick words that mean something to you but aren’t obvious or guessable (such as relatives’ names). The easy way to do this is to start with one or two, then once those are firmly embedded add more. But for the moment let’s say they’re established.

    They should all start with different letters. For the sake of the example, we’ll say they are:

    Random
    Spank
    Widget
    Acne

  • Step 2: Establish a few key numbers.  

    Try not to have obvious dates such as your date of birth – though something like 1874 (Churchill’s birth year) is fine. So here you have:

    1874
    5012
    0191

  • Step 3: Create passwords using a combination of both. 

    Use the words or numbers forwards or backwards, capitalised or not capitalised. This gives you a very large number of available different passwords even though you only need to remember a few words and numbers. For example:

    – Spank0191
    – 1874Widget
    – 2105acne
    – modnar5012
    – Random18

  • Step 4: Note the password down IN CODE somewhere safe and convenient.

    Now just store the password safely in code somewhere in case it’s ever needed – never write the full words or numbers down anywhere, you need to remember those yourself. For example, the above passwords could be stored as…

    -S0  (ie, the word beginning with S then the numbers beginning with 0)
    -1W
    -Rev5 a  (ie, the numbers beginning with 5 in reverse, then the word beginning with a – but not capitalised)
    -Revr 5
    -R half 1 (ie, word beginning with R then half the numbers beginning with 1)
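
The four steps above as a small decoder, added here as an illustration and not the author's own code: it rebuilds each example password from its stored hint, using the article's sample words and numbers. The token grammar ("Rev" prefix, "half" modifier, halving before reversing) is an assumption inferred from the five hints shown.

```python
import re

# The memorised secrets from the article's example. In the scheme these
# live only in your head; they are listed here so the example can run.
WORDS = ["Random", "Spank", "Widget", "Acne"]
NUMBERS = ["1874", "5012", "0191"]

# One hint token: optional "Rev" (reverse), optional "half" (first half),
# then one character selecting a word (letter) or a number (digit).
# Assumed grammar; "Rev" and "half" are matched before single letters.
TOKEN = re.compile(r"(Rev)?\s*(half)?\s*([A-Za-z0-9])")


def pick(selector, pool, kind):
    """Return the one entry in pool that starts with selector.

    Step 1 says the words should all start with different letters; this
    is where that rule matters, because a hint that matches two entries
    cannot be decoded.
    """
    hits = [p for p in pool if p[0].lower() == selector.lower()]
    if len(hits) != 1:
        raise ValueError(f"hint {selector!r} matches {len(hits)} {kind}")
    return hits[0]


def decode_hint(hint, words=WORDS, numbers=NUMBERS):
    """Rebuild a password from a stored hint such as 'Rev5 a'."""
    parts, pos, text = [], 0, hint.strip()
    while pos < len(text):
        if text[pos].isspace():
            pos += 1
            continue
        m = TOKEN.match(text, pos)
        if not m:
            raise ValueError(f"cannot parse hint at {text[pos:]!r}")
        rev, half, sel = m.groups()
        if sel.isdigit():
            piece = pick(sel, numbers, "numbers")
        else:
            piece = pick(sel, words, "words")
            # Upper-case selector: capitalised word; lower-case: all lower.
            piece = piece.capitalize() if sel.isupper() else piece.lower()
        if half:
            piece = piece[: len(piece) // 2]
        if rev:
            piece = piece[::-1]
        parts.append(piece)
        pos = m.end()
    return "".join(parts)


if __name__ == "__main__":
    for stored in ["S0", "1W", "Rev5 a", "Revr 5", "R half 1"]:
        print(f"{stored:10} -> {decode_hint(stored)}")
```

The stored hint decodes only together with the memorised lists, so the strength of the scheme rests on those words and numbers staying secret.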

That’s my way. An alternative is to simply create yourself a grid for each password such as:

A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  … ETC
3  D  A  F  U  2  1  P  R  A  V  9  C  I  F

Here you remember just one key word, for example FAKE, and you use that to look up the numbers in the password grid – here you’ll see it’s 23VU.

To set this up initially you just need to write the alphabet out then put the code in under your key word and fill in the others with random letters.

This is a bit chunky to do, but it does mean you only need to remember one password to get encoded access to all the others. It’s probably most useful as a way of writing down PIN numbers rather than passwords though.
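
The grid set-up described above, as an added example that is not the author's own code: it places the code under the key word, fills the remaining letters from the operating system's random source, and rejects a key word whose repeated letters would need two different symbols in one cell. The function names and the filler symbol set (capital letters plus digits) are assumptions.

```python
import secrets
import string

ALPHABET = string.ascii_uppercase
# Filler comes from the same symbols the hidden code may use, so the cells
# holding the code look no different from the padding around them.
SYMBOLS = string.ascii_uppercase + string.digits


def build_grid(keyword, code):
    """Return {letter: symbol} with code hidden under the letters of keyword."""
    keyword = keyword.upper()
    if len(keyword) != len(code):
        raise ValueError("key word and code must be the same length")
    grid = {}
    for letter, symbol in zip(keyword, code):
        if letter not in ALPHABET:
            raise ValueError(f"key word letter {letter!r} is not A-Z")
        if symbol not in SYMBOLS:
            raise ValueError(f"code symbol {symbol!r} would stand out in the grid")
        # A repeated key word letter is fine only if it maps to the same
        # symbol both times (LEVEL/12321 works, LEVEL/12345 cannot).
        if grid.get(letter, symbol) != symbol:
            raise ValueError(f"letter {letter!r} would need two different symbols")
        grid[letter] = symbol
    for letter in ALPHABET:
        # secrets.choice uses the OS CSPRNG, unlike random.choice.
        grid.setdefault(letter, secrets.choice(SYMBOLS))
    return grid


def lookup(grid, keyword):
    """Read the code back out of the grid using the memorised key word."""
    return "".join(grid[letter] for letter in keyword.upper())


def render(grid):
    """Two text rows in the layout the article uses."""
    letters = [c for c in ALPHABET if c in grid]
    return "  ".join(letters) + "\n" + "  ".join(grid[c] for c in letters)


# The part of the article's grid that is printed (A to O).
ARTICLE_GRID = dict(zip("ABCDEFGHIJKLMNO", "3DAFU21PRAV9CIF"))

if __name__ == "__main__":
    print(lookup(ARTICLE_GRID, "FAKE"))          # the article's own lookup
    print(render(build_grid("FAKE", "23VU")))    # a fresh grid, random filler
```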

OK those are some techniques, what are your tips? Ensure you don’t compromise your security in your response.


  • http://twitter.com/hatisolutions HATI Solutions

    For further security start and end the password with special characters like *#@$+, and vary upper/lower case.
    Find an easy way for yourself, e.g.

    - +2105acNe@
    - +modNar5012@
    - +ranDom18@

  • Anonymous

    I create a bizarre sentence then make a password as an acronym of the bizarre sentence, using a mix of punctuation, numbers and capitals where possible. So for example I might come up with the following:

    “I really hate the taste of marmite, it is completely and utterly disgusting”

    and change this to the password of:

    iRhtToM1!CaUD

  • http://getopenid.com/jpmcc jpmcc

    Use completely unmemorable random passwords like 38efhHT8y3j&* and simply have your browser (Firefox) remember them. Then set up your laptop so it has an encrypted hard disk … just in case. If you ever lose passwords, just use the site’s ‘reset my password’ option to give you a new one.

  • Ben Campbell

    If you need a long secure password (12+ characters), try a sentence or phrase.

    My_2ndcarco$tme£1200.

    The writing down or using a simple encryption method such as your alphabetic substitution would probably be easy to break, especially with physical access.

    You can get password manager software which will auto generate passwords, and stores them with strong encryption on your computer or a usb stick. You then only require a single password to open that program and gain access to your other passwords. This helps as your website passwords are auto generated and bear no relation to others. You can never be sure if the websites you are using are actually storing your passwords correctly, or are plainly visible to anyone with the right access.

    Downside is that all the passwords are stored in one place and only need one password to gain access to others. This might be a good way to have your general website passwords stored, whereas banking ones you might want only in your head.

    Having said all that, I’m guilty of breaking nearly everything I know should be good practice in the pursuit of ease of use and down to bad habits.

  • http://pulse.yahoo.com/_225UG3XALPPZ2IZZ6E62ZL7AWE Anji

    The thing that annoys me about passwords is when they specify the amount of letters/numbers/symbols/capitalization for the password. So for one bank account you need a passcode of 5 digits and then another account requires six digits, other passwords have to be at least six characters…etc. For some reason, I also have trouble remembering my verified by visa password and am concerned it is so easy to reset.

  • http://profiles.google.com/danmoss Dan Moss

    Or use LastPass – you can use truly random and secure passwords for all online services, and only have to remember one (to log in to LastPass). As long as you have access to a connected web browser, you can retrieve all the passwords stored, and there are plugins for all the major web browsers and OSes for use on the computers you own.

  • http://twitter.com/danieljwhiting Daniel Whiting

    You can have an easily memorable unique password for all your sites, just take the first few letters of a web site and use it to pepper your password

    So say your password is Bob!59, for this website you could end up with mBob!o59n
    Twitter: TBob!w59i
    Playstation: PBob!l59a

  • http://twitter.com/AdamDempsey Adam Dempsey

    1Password can be great for storing complex passwords for websites, and is compatible with Mac, Windows, Android, iPhone/iPad and all the major browsers!

  • Martin Brook

    SuperGenPass – http://supergenpass.com – is a simple javascript addon (bookmarklet) which automatically generates a different password for each site you use.

    It takes a second to install, and works by essentially scrambling your ‘master password’ – which you have to remember and enter each time – and the domain name of the website you’re visiting together in a repeatable, consistent (but completely un-guessable) way.
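
The idea described in this comment (a master password and the site's domain scrambled together repeatably), as an added example that is not part of the comment and is not SuperGenPass's code or algorithm. It uses PBKDF2-HMAC-SHA256 from Python's standard library; the function names, iteration count, counter and the simple "strip www." host rule are assumptions.

```python
import hashlib
import string
from urllib.parse import urlsplit

ALPHABET = string.ascii_letters + string.digits  # 62 output symbols


def site_key(site):
    """Reduce a URL or bare host name to the string identifying the site.

    Assumed rule: lower-cased host with a leading "www." removed. Other
    sub-domains (login.example.com) are treated as different sites.
    """
    text = site.strip()
    if "//" not in text:
        text = "//" + text  # make urlsplit read a bare host as a host
    host = urlsplit(text).hostname
    if not host:
        raise ValueError(f"no host name in {site!r}")
    return host[4:] if host.startswith("www.") else host


def site_password(master, site, counter=1, length=16, iterations=200_000):
    """Derive the same password every time from (master, site, counter).

    Nothing is stored. Raising counter gives a new password for one site
    (for instance after that site is breached) without touching the rest.
    """
    if not master:
        raise ValueError("master password must not be empty")
    if not 8 <= length <= 32:
        raise ValueError("length must be between 8 and 32")
    salt = f"{site_key(site)}#{counter}".encode("utf-8")
    # A slow key-derivation function makes guessing the master password
    # from one leaked site password expensive.
    raw = hashlib.pbkdf2_hmac("sha256", master.encode("utf-8"), salt,
                              iterations, dklen=64)
    # 512 bits of output for at most 32 symbols keeps modulo bias negligible.
    n = int.from_bytes(raw, "big")
    chars = []
    for _ in range(length):
        n, index = divmod(n, len(ALPHABET))
        chars.append(ALPHABET[index])
    return "".join(chars)


if __name__ == "__main__":
    master = "constructed example master phrase"  # constructed sample value
    for site in ["https://www.example.com/login", "example.com", "example.org"]:
        print(f"{site:32} {site_password(master, site)}")
```

Unlike the schemes that insert letters of the site name into a fixed password, a derived password here shows no visible part of the master password or the domain.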

  • http://profiles.google.com/turnip22 Martin Deane

    I use a similar system to Daniel Whiting, but instead of the first three letters of the web site, I use the key on the keyboard to the left of each letter. You could use any other geographic position. If you get to the end of a row, you start again at the beginning.

    Therefore with my system, the password for moneysavingexpert.com would be nBob!i59b, twitter would be rBob!q59u and playstation would be oBob!k59l. It took a few weeks of getting used to, but I have now been using it for many years and find I can log in to web sites I haven’t visited for ages with ease. The great thing about it is that there are no letters in the password which appear to tie in with the web site name.

  • Anonymous

    The most memorable passwords I’ve used are made from the initial letters of an easy to remember phrase, especially if the phrase is connected to the site you’re on. For example for an email account you could use the phrase ‘No One Writes Letters Anymore Everyone Uses Email’ = ‘NOWLAEUE’ and if it’s one of those annoying sites that requires numbers then I use 1 in the sentence the way posh people do so the sentence ‘One Doesn’t Write Letters Anymore One Uses email’ becomes ‘1dwla1ue’

  • Anonymous

    I find the easiest way, as already suggested by a couple of people, is the initial letter of a well known phrase, proverb, book or film title like “One Flew Over The Cuckoos Nest” becomes 1fotcn. As a scientist I sometimes use formulae e.g. copper sulphate CuSO45H2O or Sutp1-2at2 (distance formula in physics). Most jobs have sayings e.g. for carpenters “always measure twice and cut once” becomes amx2cx1.

  • Anonymous

    I once read that to make a secure password was to think of a memorable phrase, e.g. “I like going to Bognor”.
    Then use that but without any spaces, IlikegoingtoBognor.
    You now have an 18 digit password that is easy to remember and is just a collection of letters, not words

  • Anonymous

    You can store all of the files for every account you have securely on your PC.
    Use WORD and when you save the file e.g. Santander login, use : File, Save as, Tools, Security Options and enter a password to open the file. You can use the same password to save all WORD files for all your different accounts. Even if your PC was stolen, the files cannot be opened by any but the most adept ICT specialist. For added protection, you can store the password partially e.g. as JAM*****

  • Anonymous

    My suggestion is to use a favourite holiday you have had, or plan to have, such as “miami2006” or “newyork2014”; this then incorporates numbers for the sites that require numbers

  • Anonymous

    I can break password-protected Word files without too much trouble, and I’m only a moderately competent computer user. All you need to do is download one of the many programs that does it for you automatically.
    I would suggest that you change how you store your passwords asap and use a dedicated password program that does the same thing.

  • Anonymous

    I have the same password for everything, bar the odd addition of a number here and there and so far as I know it has never caused me any problems!

  • http://pulse.yahoo.com/_2QCZVXCQOO6OQSHAQTDW6PXHGU Mike

    The password card beats all because you actually have your password ‘written down’ making it easy to remember. So many people sacrifice security by using names in their password strings which make them easily crackable by botnets otherwise!

    http://www.passwordcard.org/en

  • Anonymous

    Sounds like a challenge, do not envy anyone with all information in one tiny machine. My payments are the old-fashioned way with just slight concessions ie phone and only very rarely. But good luck to all. Actually just read some comments and A. Palmers is quite good !!

  • Anonymous

    When I worked in IT support, my advice was this:
    What’s the first object you see?
    e.g. coffee cup
    Stick some numbers in it to stop it being a dictionary word
    e.g. c0ffee_cup
    If you are paranoid, add some more capitalisation and numbers
    e.g. C0ff33_cuP

    … and so on.

  • http://profiles.google.com/martinrosen1 Martin Rosen

    FWIW I use a word that I invented many years ago for another purpose. It isn’t a real word. If it requires numbers or more characters as well as the word then I add the year of starting to use it, eg 11 or 2011. I can normally remember roughly the year.

    I do realise that if someone were to actually see me using this word (unlikely) then they would possibly have access to all sorts of things, but the one site that I never use this word for is my bank !

  • Anonymous

    I have to say that I only have one password for everything (although my on-line bank has a ‘key card’ number and a pass code as well as a password). I have a word that no-one would guess with a capital letter in the middle plus a couple of numbers (which were random at the time I chose them) and for any financial sites I also have a character (#,*.< – not telling you which or where I put it just in case I'm not as clever as I think I am!). I also lie to all those security questions like 'what is your mother's maiden name?'. I give my friend's mum's maiden name, I give the name of my 3rd pet not my first, the name of the first holiday resort I went to instead of where I was born and so on. I think those security questions are easier to guess (hack) than a password as I could answer most of them for nearly all my friends and family. I agree with the other poster about 'secured by mastercard' – it's ridiculous that if you can't remember your code then you can just put another one in and reset it.

  • http://twitter.com/mangopieface Steve Newstead

    The worst mistake people make with passwords is to just use a word from the dictionary.

    This is why complex passwords are pushed by people as being important, for example a password of “hello” is much less secure than “hello@123”

    However people could happily use 3 words followed by spaces such as

    “my secure password”

    A password like this would take forever to crack and contains little complexity for the user to remember (and stops passwords being written down).

    The important thing to remember is that a password cracker cannot guess each individual word when you set a password, it either guesses all of it or none at all, so although a password like “my secure password” does not look complex enough it would take longer than you would live for a hacker to crack.

    As a new user I’m not allowed to post links, but if you search for the following in google then the above is covered in some good detail “the-usability-of-passwords-faq”

    Also as suggested by a previous user, something like keypass is a god-send.

    Hope this helps!

  • Anonymous

    I use either the name of a road or some easy to remember name, favourite singer, memorable date. This is very easy then to enter in some sites which need random letters entered. One doesn’t have to count the number of spaces but can just spell the name entering each letter or No. as you get to the empty space in your password. To me this type of password entry is the easiest one of all to enter & a key logger won’t be able to work out the password from this. I wish all sites would use this method which I feel is very secure.

  • Anonymous

    The easiest way to remember lots of different hard passwords is to use a password manager. I use KeePass because it is open source so completely free and has excellent encryption to protect your database. To login to any account, I just use the auto-type function once I have logged in to KeePass using a master password.

    Some of the ideas suggested here aren’t very secure. I say this to help others security not belittle the comments.

    Microsoft Word/Excel passwords are very easy to hack. A Google search will find many free programs that will do the job in seconds. So saving your passwords in these files is not secure at all.

    Merging in letters of the website really doesn’t solve the problem posed by PS3 data being hacked. In the example given the hacker would see PBob!l59a as the password. How long do you think it will take a hacker to realise the name Bob is surrounded by Pla? Remember this is the person that hacked a secure network.

  • Anonymous

    If you know Pitman’s shorthand, I find that is very useful to use as a reminder. Not many people these days learn shorthand.

  • Anonymous

    It is a big mistake to discuss your method of setting a password, no matter how cryptic, on an open forum such as this… all it does is give the fraudsters a head start in cracking your password.

    It is best not to use words as there are only a limited number of words in the English language and a computer system would be able to go through these very rapidly. Better to use a combination of random alphanumerics and special characters (where allowed). The longer the “Randword” the better. And keep it quiet!

    Some websites do not really need password protection and the password is only there to register users and prevent abuse of the website. In these cases use a simple password and avoid putting any personal information on the website and most certainly never post or discuss your financial information.

    Another tip is to use random dates rather than your real date of birth or random words rather than your mother’s real maiden name when asked to set up this “security” information.

  • Anonymous

    I use a programme called KeePass. This is accessed via a master password and it will keep all your passwords in an encrypted form. It will also generate random passwords of user-variable length. Gets good write-ups on web.

  • http://twitter.com/MartinLewisMSE Martin S Lewis

    Hi folks,

    To those suggesting ways of picking passwords – in many ways that isn’t the issue. The key is how to have DIFFERENT passwords for each of the many different accounts you have….

  • Anonymous

    Probably a bit sad but I remember car numberplates quite easily and use ones from when I was a small child – cars now scrapped! I use a mix of lowercase and upper case, add in a few extra symbols and also maybe the first letter of the site it is for, but I like the idea of using the letter next to it on the keyboard.

  • Anonymous

    Yes Martin, have you any good ideas for doing that? I can make up passwords, my problem is remembering which ones I used for which accounts.
    E

  • Anonymous

    Yes, I played one game of Russian Roulette the other day, and didn’t have any problems at all. I would recommend thousands of people do likewise. I’m sure they’ll be fine, too!
    :)

  • Anonymous

    If you held me down and stuck pins in my eyes I wouldn’t be able to tell you the password to unlock this laptop. Nevertheless I’ve just started it up and unlocked it. That’s because instead of trying to remember a password (or a series of passwords), I remember the pattern of keystrokes used to type them. Consider this one: 1qazxsw2. Would you be able to remember that? Or this: 5tgbnhy6

    Type those passwords slowly to see how they are formed and what the similarities are. These are simplistic patterns that you wouldn’t want to use, so make up your own. You can have a number of passwords based on the same pattern, just applied in different parts of the keyboard (like the two above). Here’s a less-obvious pattern: q3radzx

    To make sure you don’t forget them, simply note down the key you start on. So for the password q3radzx, I may have a note that says ‘Bank: q’. That’s it*. Not exactly useful to anyone who finds it. You can even stick it on your monitor. You need only remember your pattern of key strokes, and because it doesn’t change you won’t forget it. Use the same pattern starting on a different key for another account or site.

    Vary them by including a SHIFT here and there (q£RaDzX), and don’t be afraid to use the non-alphanumeric characters (%^&@, etc.).

    Any password you choose is just a pattern of keystrokes, so this can be as secure as any other. The only requirement is that you shouldn’t spread your characters too far apart if you want to move the pattern around. Also, be wary of different keyboard layouts!

    This method has worked very well for me so far.

    *no, it isn’t a real password!

  • Anonymous

    I am not clear how the risk is comparable? I don’t really understand the risk of using my password over and over. Nobody knows it, I never forget it. I would appreciate a sensible explanation as to why it is so important to change your password all the time?

  • William Sinclair

    My new system for creating individual passwords (since the PS3 hack) consists of using my master password (for example *&69!poojam1) and then using the name of the website (ie play,ebay,google) and inserting it somewhere randomly in the password (ie always after the 6) so the password becomes *&6ebay9!poojam1 or *&6google9!poojam1

  • Anonymous

    Ok, apologies for flippancy before! It’s a good question. If someone finds out your pwd in one situation, (eg IT worker at one co. that holds your pwd, or alternatively hacker), they can then do identity theft easily.

  • http://www.supercarly.co.uk Carly Wood

    I get a phrase and then mix it with house numbers where I used to live, or old postcodes. My phrases are based on silly little things I’d remember. A suggestion could be: Carly is really super = Cirs and then postcode: DE2

    CirsDE2 would be an example of a password (that’s not actually mine!) I have about 3 sets of passwords that I use for various things. I always know it’ll be one of the three. I like your method for writing them down though – will take this away & use it. I think I’ll also develop a couple of new passwords in light of the Playstation hacking problem. Probably sensible.

  • http://www.supercarly.co.uk Carly Wood

    That’s a pretty good method.

  • http://twitter.com/MartinLewisMSE Martin S Lewis

    Hi Petra. The best example of this is the PlayStation hack being discussed. There they have access to your email, address and phone number – they may also have got your password. If you’ve used the same password on all your accounts, breaking it will be a case of trial and error. E.g. they just try every bank to see if you’ve an account there. That’s why a different password for each account is so important – otherwise you’ve a single point of failure.

  • Anonymous

    There are several password managers such as “Lastpass” or “Roboform” which only need one password to be remembered, all the others are then encrypted & only accessible with the one remembered password.

  • http://www.waysformakingmoney.com/ usama – ways for Making money

    Nice information mate, thanks. Many times it happened that I forget my passwords as they are different, but now I think I am not gonna forget.

  • Anonymous

    Think of a sentence or catch phrase. Use just the initial letters. Add numbers that mean something to you. Works for me :-)

  • http://www.facebook.com/profile.php?id=822349508 Angie Ford-King

    I agree, I use Roboform and have done for approx ten years, never let me down