Security in the internet age has long been neglected by the majority of users, even though their data has been at risk or even exposed not only recently. Nevertheless, many users struggle to use password managers in order to use strong and unique passwords for all services they use. You recognize yourself? Then there is good news for you: Even without using a password manager, it is quite easy to generate and remember secure and unique passwords for everyday use. Just follow the steps below and instantly use passwords complying with all standards which experts recommend for strong passwords.
- Should be at least 12 characters long
- Should not contain words which can be found from a dictionary
- Should not contain any personal information
- Should contain lower case letters, upper case letters, numbers, plus special characters
- Should be unique for every website/service used
You can easily create and memorize passwords complying with these requirements by creating an individual rule.
- Password core element (fix): Think of a sentence, a line in a poem, of a song or similar that is important to you. Take the first letters of every word, or the last letters and put them together. The result should be something like “iwnwseb”
- Enhance the password core (fix): Make every second, third or whatever letter upper case: “IwNwSeB”
- Password element divider (fix): Use one or two special characters as a divider between the password core and the next element: “IwNwSeB$!”
- Unique password element (variable): Next step, you create a password element which depends on the website/service you use individually. Mostly, the name of a service will be unique, so you create a rule based on this. For example: for any service you use, you use (the number of letters in its name) +/- /* (X). E.g. for (# of letters * 5) with “Facebook” results in “40”. This leads to “IwNwSeB$!40” As this is the most important part, you can (and should) create a unique calculation rule for this which does not have to be too complicated, yet not too easy. (In fact, this example is one of the easy ones which are easy to remember.)
- Password close element (fix): This can be whatever addition, be it a fixed special character, a number, another core element. You can play around with rules 1-4 freely for this. Let it be “#7”, which finally leads to “IwNwSeB$!40#7” in this example, which is a strong, 13-character password which is easy to remember no matter what service you use it for.
So your rule is: (Take the n-th letter of every word in [your line here]) + (make every n-th character of the result upper case) + (add [special char 1; special char 2] as a divider) + (calculate a value from the service’s URL following the rule [F] and amend the result) + (amend [char 1; char 2; …; char n]). All done.
All you have to do is to memorize your individual rule by heart (and I mean it!) and never let anyone know.
Nevertheless, always remember that security is relative. Even using strong passwords is not 100% secure: It will protect you from so called bruteforce attacks (randomly trying all possible combinations of all available characters), but a human analyst (and in the future possibly an AI) could most likely extract the rules you use. But as of now, it’s a matter of economics: as long as you’re not a terrorist or something, noone will ever invest the time and effort necessary as most passwords are much easier to crack. And even if your passwords gets re-calculated from leaked hashes, you will only have to renew your password with ONE of your services instead of all.
Plus, you will feel much better, which is half the battle anyways 😉