Fix Your Terrible, Insecure Passwords in One Minute With This Foolproof Technique

Innovation, the Internet, gadgets, and more.
June 7 2012 5:27 PM

Fix Your Terrible, Insecure Passwords in One Minute

A new, improved foolproof technique.

Hackers stealing our passwords.
What's the best password?

Photograph by Jacob Wackerhausen/ThinkStock.

Right now you’re scrambling to change all your passwords. If you’re not, you should be. In the wake of a couple of massive security breaches—one at LinkedIn that nabbed 6.5 million passwords and another at eHarmony that compromised 1.5 million accounts—security experts are advising that people change their passwords at the affected sites and at every other site where you used a similar password. By now you’ve probably heard the time-worn guidelines for creating strong passwords: Don’t use your name or other common words. Use different passwords for different sites. Change them often. Choose security questions that don’t involve information that everyone knows about you, or stuff that crooks can easily find on Facebook.

For a lot of people, myself included, these rules are too much trouble. We’ve all got too many online accounts, so keeping track of different, ever-changing strong passwords for each site seems like a gargantuan task. The easiest way to fix this problem is to use password-managing software. I like LastPass, which generates and remembers passwords for all your sites across all your computers. (It’s free, but if you pay $1 a month for the premium version, you’ll get support for your mobile devices, too.) But for a lot of people—probably including you—even a password manager is too much trouble. Ignoring the guidelines, you pick a memorable password for all your sites, then just cross your fingers and hope for the best.

Well, I’ve got a better way. In 2009, I stumbled upon a foolproof system to fix all your terrible, vulnerable passwords in just five minutes. My method, which I filched from a commenter at a security forum—who says Web commenters are good for nothing?—generates very strong passwords that are also very easy to remember. This means that you can create good passwords for every site you visit.

Advertisement

But now I’ve got a better system. This new scheme generates even stronger passwords that are even easier to remember. The one disadvantage is that it doesn’t work at every site. For those places where it doesn’t work, you’ll have to use my 2009 method, which is still really good.

Enough preamble. Here we go.

The old, still very good way to fix your terrible passwords: Come up with a short phrase you’re likely to remember. Just like in school, it helps to make your mnemonic really bizarre—the stranger the phrase, the easier it’ll be to remember. For example, Kim Kardashian is the most amazing woman in all 50 states, or Mitt Romney and Barack Obama decided to make 10 waffles. Notice that my phrases use a mix of capitalized and lowercase words, and I added some numbers as well.

To make a password, just take the first letter of each word in your phrase. The sentences above would turn into KKitmawia50s and MRaBOdtm10w. Both of those passwords are extremely strong—they’re long, and they’re free of common English words that can be guessed by a computer.

You can generate different passwords for different sites by varying your phrase slightly for each one. The phrase LinkedIn is terrible at securing its passwords so it’s my 10th favorite social network will create a password for LinkedIn (LIitasipsim10fsn) as well as for Twitter (Titasipsim9fsn), Facebook, MySpace, and on and on.

TODAY IN SLATE

Politics

Smash and Grab

Will competitive Senate contests in Kansas and South Dakota lead to more late-breaking races in future elections?

I Am 25. I Don’t Work at Facebook. My Doctors Want Me to Freeze My Eggs.

The XX Factor
Oct. 20 2014 6:17 PM I Am 25. I Don’t Work at Facebook. My Doctors Want Me to Freeze My Eggs.

Republicans Want the Government to Listen to the American Public on Ebola. That’s a Horrible Idea.

The Most Ingenious Teaching Device Ever Invented

Tom Hanks Has a Short Story in the New Yorker. It’s Not Good.

Brow Beat

Marvel’s Civil War Is a Far-Right Paranoid Fantasy

It’s also a mess. Can the movies do better?

Watching Netflix in Bed. Hanging Bananas. Is There Anything These Hooks Can’t Solve?

The Procedural Rule That Could Prevent Gay Marriage From Reaching SCOTUS Again

  News & Politics
Politics
Oct. 20 2014 8:14 PM You Should Be Optimistic About Ebola Don’t panic. Here are all the signs that the U.S. is containing the disease.
  Business
Moneybox
Oct. 20 2014 6:48 PM Apple: Still Enormously Profitable
  Life
Outward
Oct. 20 2014 3:16 PM The Catholic Church Is Changing, and Celibate Gays Are Leading the Way
  Double X
The XX Factor
Oct. 20 2014 1:10 PM Women Are Still Losing Jobs for Getting Pregnant
  Slate Plus
Tv Club
Oct. 20 2014 7:15 AM The Slate Doctor Who Podcast: Episode 9 A spoiler-filled discussion of "Flatline."
  Arts
Brow Beat
Oct. 20 2014 9:13 PM The Smart, Talented, and Utterly Hilarious Leslie Jones Is SNL’s Newest Cast Member
  Technology
Future Tense
Oct. 20 2014 4:59 PM Canadian Town Cancels Outdoor Halloween Because Polar Bears
  Health & Science
Medical Examiner
Oct. 20 2014 11:46 AM Is Anybody Watching My Do-Gooding? The difference between being a hero and being an altruist.
  Sports
Sports Nut
Oct. 16 2014 2:03 PM Oh What a Relief It Is How the rise of the bullpen has changed baseball.