Monday, Mar 01, 2004

Beware of obvious passwords

TIP OF THE DAY

BY MARSHALL LOEB AND BRENDAN JANUARY
CBS MarketWatch

NEW YORK - One of the most annoying aspects of modern life's "conveniences" may well be the ever-growing list of codes and passwords we must memorize for electronic access to everything from bank accounts to our favorite Web pages.
These passwords, however, are often the only thing standing between you and an identity thief, who would use your financial information to commit fraud.
For this reason, consumers should take passwords seriously and not rely on common memory strategies used by both individuals and companies.
When choosing a password, avoid using typical personal, numerical information like birth dates, phone numbers or a part of a Social Security number.
Also avoid the use of pets' or relatives' names, such as your mother's maiden name. These are relatively easy for identity thieves to find.
When banks request this information to open your account, give them a password of mixed letters and numbers instead.
Although not the best practice, I use one password for all my needs. If you do this also, make sure it is a secure password. A perfect multi-use password is 8 characters long, and it has extended characters (e.g. $#%), a mix of upper and lowercase letters, and a number. For example:

L#h%5wBq

This password should be accepted by most any web site and is very hard to crack. Certainly, no one will guess it.
Here's an article on how to remember these complicated secure passwords:

http://www.pcworld.com/howto/article/0,aid,114143,00.asp
E@4#N or E@4#W? How to Remember Strong Passwords

With so much of your personal data stored on a hard drive or on the Internet, the only way to maintain your privacy securely is by creating tough passwords and changing them regularly. But how do you dredge up e*TY#$98@ from your already overtaxed brain?

You don't need to have a perfect memory. Here are a few ways to come up with passwords no one else will guess, but that you'll be able to recall:

Make the password out of the first letter of a list of several words. The list you use can consist of a sentence or perhaps the names of your children, brothers, or favorite football teams, but you can turn any memorable string of words into a memorable password. Robert A. Heinlein did just that in his 1966 novel The Moon Is a Harsh Mistress, when he made up the acronym tanstaafl from the first letter of each word in the sentence, "There ain't no such thing as a free lunch."

Turn words into numbers and special characters. Adding anything from the number row of your keyboard (either the numbers or the shifted special characters) to a password makes it much stronger. For instance, you could turn a memorable pet emergency into the password m3dcac^at ("My three dogs chased a cat up a tree").

Blend the letters of two or more words into one password. Rather than using your mother's name as a password, you could combine the words mom and Ella into the password Emlolma by alternating letters from the two words. Need a new password? Just reverse the letters to make amlolmE.

Use password manager software to keep track of your passwords. The tricks identified above will help people with average memories keep a reasonable number of passwords in their heads. But what if you frequently need to buy a vowel just to remember a coworker's name, or if you have dozens of password-protected accounts?

In such situations, the best option is to use software specifically designed to manage, securely store, and help you use your passwords. Two examples are Password Safe and Password Corral.

Even if you have a good memory, it's wise to store your passwords in a password manager, just in case. Because it's scary how many people can foil the other popular password storage technique--Post-it notes stuck on the underside of your desk.


Andrew Brandt is senior associate editor for PC World. You can e-mail him at privacywatch@pcworld.com.
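
The first three techniques in the PC World article above (first-letter acronym, word-to-symbol substitution, letter blending), written out as an added Python example that is not part of the original post or article. The function names are assumptions made here, as is every substitution-table entry other than three -> 3 and up -> ^, which come from the article's own example.

```python
import re

# Word-to-symbol substitutions. "three" -> 3 and "up" -> ^ come from the
# article's example; the remaining entries are assumptions added here.
SUBSTITUTIONS = {"three": "3", "up": "^", "one": "1", "two": "2", "four": "4",
                 "for": "4", "to": "2", "at": "@", "and": "&", "dollar": "$"}


def words_of(phrase):
    """Split a phrase into words, keeping apostrophes inside words."""
    return re.findall(r"[A-Za-z0-9']+", phrase)


def acronym(phrase, substitute=False):
    """First letter of each word; optionally swap whole words for symbols."""
    out = []
    for word in words_of(phrase):
        key = word.lower().strip("'")
        if not key:  # token was only apostrophes
            continue
        if substitute and key in SUBSTITUTIONS:
            out.append(SUBSTITUTIONS[key])
        else:
            out.append(key[0])
    return "".join(out)


def blend(first, second):
    """Alternate letters from two words; leftover letters are appended."""
    out = []
    for i in range(max(len(first), len(second))):
        if i < len(first):
            out.append(first[i])
        if i < len(second):
            out.append(second[i])
    return "".join(out)


if __name__ == "__main__":
    # The three phrases and word pairs below are the article's own examples.
    print(acronym("There ain't no such thing as a free lunch."))
    print(acronym("My three dogs chased a cat up a tree", substitute=True))
    blended = blend("Ella", "mom")
    print(blended, blended[::-1])  # the reversed form is the article's "new password"
```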
