Easy to Remember, Hard to Guess Passwords
Posted by Nigel, Feb 13
Online security is becoming more and more important. Every day we hear about hackers breaking into websites and stealing a user’s identity. If a hacker can gain access to a website, they may possibly have access to your credit card information, social security numbers and more, depending on the data the site collects. A simple, yet overlooked security measure is the password.
I have met users who use common knowledge terms for their passwords. The password may be a pet’s name, family member, favorite car, birthplace… Users choose these passwords because they are easy to remember. In most cases, a user will use the same password for all of their accounts. Doing so is simple and requires memorizing only one phrase. There are two problems with this.
1) Common knowledge passwords are very easy to guess.
2) If a hacker guesses a password, they could have access to all of your accounts.
I propose two solutions. The solution to the 2nd problem is easy. Use different passwords for all accounts. It may be more difficult to remember them. But it is better to provide more security than less. The common knowledge solution is a little more difficult.
Many websites are starting to require a certain number of characters and character types to be present in a password. This is great. It helps provide a unique password that is difficult to guess. For example, the password @3T_6y is harder to determine than one that is your spouse’s name. Due to the difficulty of randomized passwords, few users choose to implement them when not required to. By choosing the easier route, you leave yourself more open to attack. How do you remember a difficult password?
Start by creating a reference sheet. A reference sheet maps each letter of the alphabet, punctuation mark and symbol on the keyboard to a different character (or characters). For example, A may be @, I may be 1, E may be 3. Memorize your references. Do not write them down. Do not let others know about it. If someone knows, then someone will be able to use it against you.
Next, while creating a password, choose a term or phrase to apply your reference sheet to. If you are on an insurance website, you may choose the term “insurance”. Depending on your reference sheet, the password may become “1NSuR@Nc3”. Because you have a capital letter, lowercase letter, symbol and number, you have already met many password requirements. Because the word visually represents “insurance” and you have a specific reference to each letter in the word, it is easy to remember. Now you have a way to create unique, difficult passwords. Passwords that are easy to remember.
If the word is random, every site will have a different password phrase. Having hundreds of accounts would mean hundreds of passwords. With the scheme above, you still have to remember the password phrase you used. Or do you? When creating a password phrase you could create a scheme to create the phrase. You may choose to use the website name, tagline or URL. You may even make it more difficult by choosing the first letter of each word in the company name and tagline together. By employing one of those schemes, you can easily determine what your password phrase was. Sure, someone could figure out your scheme. Even if they did, they would still have to know the references to each character.
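The scheme from the last three paragraphs as an added Python example (not code from the original post). The reference sheet is a constructed sample chosen so that "insurance" gives the post's 1NSuR@Nc3, and the site "Example Mutual" with its tagline is made up; the function names are this example's own. It also reports which character classes a result lacks, since a short first-letter phrase may not cover all four.

```python
import string

# Constructed sample reference sheet (an assumption for illustration only;
# a real sheet is private and memorized). Keys are lowercase letters, values
# may be one or more characters; unlisted letters fall back to uppercase.
REFERENCE_SHEET = {"a": "@", "i": "1", "e": "3", "u": "u", "c": "c"}


def phrase_from_name(name, tagline=""):
    """Build the password phrase from the first letter of each word."""
    words = (name + " " + tagline).split()
    # Skip words that start with punctuation, such as "&" or "-".
    return "".join(w[0] for w in words if w[0].isalnum())


def apply_sheet(phrase, sheet=REFERENCE_SHEET):
    """Replace each character using the sheet; unmapped letters become uppercase."""
    return "".join(sheet.get(ch.lower(), ch.upper()) for ch in phrase)


def character_classes(password):
    """Report which of the four common policy classes the password contains."""
    return {
        "upper": any(c in string.ascii_uppercase for c in password),
        "lower": any(c in string.ascii_lowercase for c in password),
        "digit": any(c in string.digits for c in password),
        "symbol": any(c in string.punctuation for c in password),
    }


def missing_classes(password):
    """List the character classes a site policy would still ask for."""
    classes = character_classes(password)
    return sorted(name for name, present in classes.items() if not present)


if __name__ == "__main__":
    # The post's own term, then a first-letter phrase from a made-up site.
    for phrase in ("insurance",
                   phrase_from_name("Example Mutual", "Cover you can trust")):
        password = apply_sheet(phrase)
        print(phrase, "->", password, "missing:", missing_classes(password))
```

When a result is missing a class, the sheet or the phrase scheme needs adjusting before the password will pass a site that requires all four.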
I have employed similar techniques with my accounts. I have a reference sheet memorized. Some characters are represented by two or more other characters. This adds even more security to my reference sheet. I also have my own scheme for determining what my passphrase was. I never memorize a single password. Well, after repeat visits to the site, I will memorize it. In the beginning, I just determine my passphrase and then convert it to the proper characters. Easy to remember and difficult to guess. Simple, great security.
Just remember, never, ever give out your reference sheet or any other schemes. Do your best to stay secure and stay safe.