In addition to the experts’ tip that a long passphrase — such as a song lyric or movie quote — should be used instead of a password and using only the first letter or letters of each word in the phrase, Mr. Hulbert said he makes his password stronger by translating the result using the Alt key. For example, assuming the site allows passwords with special characters, he might take this line from the film “The Princess Bride” — “Hello. My name is Inigo Montoya. You killed my father. Prepare to die.”— and convert it into the 15 character password: “HmNiImYkMfPtDie.” Holding down the Alt key (on a Mac) as you type would make that password: Óµ˜ˆˆµÁ˚ƒ∏†Îˆ´.

I’ve used the same online password since having to initially come up with something to log on to my “America Online” account sometime in the ’90s, when, if I needed to use the Internet on the family computer, I had to plug into our house’s landline and announce to my family that nobody could make calls for a few minutes while I checked my email (You’ve Got Mail!). The password is long, complicated and coded, because I was the sort of kid who was really into cryptology and writing letters to my friends in coded messages. But I do use an easy, throwaway password for non-financial or social media accounts whenever I have to register for something where it won’t matter so much if I get hacked—like my Pandora account. Oh, you saw that I was listening to One Direction on Spotify? Uh, I was hacked.


6 Comments / Post A Comment

aetataureate (#1,310)

Password discussion always walks a fine line between prudent and totally bananaphone. But, tween Mike Dang choosing a cryptology-strong password for America Online is about the cutest thing in the world.

You should probably have a different password for every relevant/important site/service you use. I, too, have a throwaway pw, but for the important things (Twitter! Facebook! Bank! Gmail!), I have a standard password that’s really long, but memorable for only me, and for each one of the different sites, a unique “key” in the middle. So, to use the classic XKCD example http://xkcd.com/936/ if my standard password is “CorrectHorseBatteryStaple”, the Twitter password might be “CorrectHorseRetweetBatteryStaple” and Facebook might be “CorrectHorseLikeBatteryStaple”, and so on.

cee (#589)

please make up more passwords! it isn’t safe.

i have an eight-symbol code that was a ssh account password when I was 18 or something, and it’s so much “my password” that I tend to append it to new passwords to make them longer and more complicated, so i recognise password attachment. but a unique password for each website (chosen thematically so you can remember which is which) really is a lot safer than one password for all the important things, even if it is complicated and cryptographical.

step one: get a password manager like KeePass or LastPass so you don’t have to reuse passwords or memorize a million of them

step two: generate passphrases with this delightfully nerdy tool

step three: fill with rage every time an important financial institution imposes arbitrary character limits (you have ACH access to my checking account and MY PASSWORD CAN’T BE MORE THAN 16 CHARACTERS? FFFFF UUUUUUUUUUU student loan servicers and utility companies!), disallows spaces or requires you to have at least one capital letter and number.

step four: you’re still at the mercy of the internal security of all the companies you have accounts with, but at least now you can amuse yourself making up littles stories about the passphrases you use the most.

@Lorelei@twitter My university account, which uses the same password for email and all other transactions, including financial, requires a password of EXACTLY seven characters. Which is so idiotic that I don’t even have words for how idiotic it is.

Comments are closed!