The news splash about the major PlayStation Network security breach possibly affecting 3 million people in the UK brings into sharp focus the scourge of our digital age – the password dilemma. Should you be secure and use lots of different passwords? Or is it more convenient and easy to remember just one or two?
Almost everything online needs a password these days: shop accounts, social networking sites, university and email logins, banks, credit cards, insurance, savings and more. I don’t know about you – but I suspect I’ve over 50 different accounts and all the passwords for these need remembering somehow – and unless you’re a memory maestro that’s impossible.
Yet not doing it is a nightmare too – we’re constantly nagged to use different passwords. Those who chose convenience and used the same password for their PlayStation Network account as for their bank or other secure code now know why it’s so important to use different passwords. They need to immediately change the password on their other accounts, otherwise the criminal hackers may well have enough of their ID to utilise it (see PlayStation hack news for more on self-protection).
How to marry security and convenience.
Over the years I’ve developed my own personal system for keeping an easy but secure track of my passwords. I’m not saying it’s perfect, I just thought it worth jotting down. I’m sure many others do similar things in parallel and I’d love to know your systems.
I’ve described similar principles to what I do below, though with some details and techniques changed slightly for my own security. It may seem a little complex but actually as it’s developed organically over the years, it’s become an easy natural progression, though I accept it’d be more difficult to do it all in one go.
- Step 1: Establish a number of key words.
Pick words that mean something to you but aren’t obvious or guessable like relatives’ names. The easy way to do this is to start with one or two, then once those are firmly embedded add more. But for the moment let’s say they’re established.
They should all start with different letters. For the sake of the example we’ll say they are:
- Step 2: Establish a few key numbers.
Try not to have obvious dates such as your date of birth – though something like 1874 (Churchill’s birth year) is fine. So here you have:
- Step 3: Create passwords using a combination of both.
Use the words or numbers forwards or backwards, capitalised or not capitalised. This gives you a very large number of available different passwords even though you only need to remember a few words and numbers. For example:
- Step 4: Note the password down IN CODE somewhere safe and convenient.
Now just store the password safely in code somewhere in case it’s ever needed – never write the full words or numbers down anywhere, you need to remember those yourself. For example, the above passwords could be stored as…
- S0 (i.e., the word beginning with S then the numbers beginning with 0)
- Rev5 a (i.e., the numbers beginning with 5 in reverse, then the word beginning with a – but not capitalised)
- R half 1 (i.e., word beginning with R then half the numbers beginning with 1)
That’s my way. An alternative is to simply create yourself a grid for each password such as:
A B C D E F G H I J K L M N O…..ETC
3 D A F U 2 1 P R A V 9 C I F
Here you remember just one key word, for example FAKE, and you use that to look up the numbers in the password grid – here you’ll see it’s 23VU.
To set this up initially you just need to write the alphabet out then put the code in under your key word and fill in the others with random letters.
This is a bit chunky to do, but it does mean you only need to remember one password to get encoded access to all the others. It’s probably most useful as a way of writing down PIN numbers rather than passwords though.
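The grid set-up and lookup described above, as an added Python example that is not the author's own code. The function names are hypothetical, the PIN 4071 is constructed for illustration, and matching the filler to the code's character set is an assumption added here; the block also rejects a key word whose repeated letter would need two different characters in one column.

```python
import secrets
import string

ALPHABET = string.ascii_uppercase
MIXED = string.digits + string.ascii_uppercase  # assumption: charset of the page's sample row

def build_grid(key_word, code, filler=None):
    """Hide `code` under the letters of `key_word`; fill every other column at random."""
    key_word = key_word.upper()
    if len(key_word) != len(code):
        raise ValueError("key word and code must be the same length")
    if filler is None:
        # Assumption: filler matches the code's character set, so a digit-only
        # PIN is not given away by being the only digits in a row of letters.
        filler = string.digits if code.isdigit() else MIXED
    grid = {}
    for letter, char in zip(key_word, code):
        if letter not in ALPHABET:
            raise ValueError(f"key word letter {letter!r} has no column")
        # A repeated key-word letter points at one column twice, so both
        # positions of the code must hold the same character.
        if grid.setdefault(letter, char) != char:
            raise ValueError(f"{letter!r} repeats in the key word but the code differs there")
    for letter in ALPHABET:
        if letter not in grid:
            grid[letter] = secrets.choice(filler)  # CSPRNG, not random.choice
    return grid

def read_code(grid, key_word):
    """Look up each key-word letter in the grid, in order."""
    return "".join(grid[letter] for letter in key_word.upper())

def render(grid):
    """Two-line form to write down: alphabet on top, grid row underneath."""
    return " ".join(ALPHABET) + "\n" + " ".join(grid[letter] for letter in ALPHABET)

# The A-O columns shown on the page (the page elides P-Z).
PAGE_GRID = dict(zip("ABCDEFGHIJKLMNO", "3DAFU21PRAV9CIF"))

if __name__ == "__main__":
    print(read_code(PAGE_GRID, "FAKE"))        # the page's own lookup
    print(render(build_grid("FAKE", "4071")))  # constructed PIN, for illustration only
```

A key word such as NOON only works when the code repeats in the same positions (1221 is accepted, 1234 is rejected), which is why a key word with no repeated letters, like the page's FAKE, is the simpler choice.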
OK those are some techniques, what are your tips? Ensure you don’t compromise your security in your response.