Most people need to remember secure (long and complex) passwords for dozens of different services. As this requires the mental horsepower of the Rain Man, they tend to use the same one or two passwords everywhere.
Come the inevitable day that one of these services is breached, every one of the user’s other accounts using the same password is vulnerable.
A trick to solve the problem occurred to me the other day, and I don’t see it documented anywhere else, so here it is:
- Use a base passphrase* e.g. `AllYourBaseAreBelongToUs!xx`
- Where xx is a number e.g. `AllYourBaseAreBelongToUs!27`
- Decide on a memorable base number of 2 or greater e.g. 6
- Choose a letter position for a given service e.g. the 2nd letter
- Then for each service take the 2nd letter of its name e.g. Google is ‘o’, Yahoo is ‘a’ etc.
- ‘o’ is the 15th letter of the alphabet, so multiply your base number by 15 e.g. 6 * 15 = 90
- Use this number as the variable in your passphrase
- So you have a unique password for Google of: `AllYourBaseAreBelongToUs!90`
This way you can have a unique password for each service, without the hassle of remembering a wholly unique password every time.
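The steps above as a short Python sketch. This is an added example, not code from the original post: the function names and the service list are constructed for illustration, and skipping non-letter characters when counting the letter position is an assumption. It also reports which services end up with the same derived password because they share the chosen letter.

```python
import string
from collections import defaultdict

ALPHABET = string.ascii_lowercase


def derive_password(service, base_phrase, base_number, letter_pos):
    """Letter at letter_pos -> alphabet index (a=1..z=26) -> multiply -> append."""
    # Assumption: only letters count towards the position ("4chan" -> c, h, a, n).
    letters = [c for c in service.lower() if c in ALPHABET]
    if not 1 <= letter_pos <= len(letters):
        raise ValueError(f"{service!r} has no letter at position {letter_pos}")
    index = ALPHABET.index(letters[letter_pos - 1]) + 1
    return f"{base_phrase}{base_number * index}"


def find_collisions(services, base_phrase, base_number, letter_pos):
    """Return {password: [services]} for every password shared by 2+ services."""
    groups = defaultdict(list)
    for name in services:
        pw = derive_password(name, base_phrase, base_number, letter_pos)
        groups[pw].append(name)
    return {pw: names for pw, names in groups.items() if len(names) > 1}


if __name__ == "__main__":
    base = "AllYourBaseAreBelongToUs!"                   # base passphrase from the post
    services = ["Google", "Yahoo", "Facebook", "Twitter"]  # constructed sample list
    for name in services:
        print(f"{name:10} {derive_password(name, base, 6, 2)}")
    for pw, names in find_collisions(services, base, 6, 2).items():
        print(f"shared by {', '.join(names)}: {pw}")
```

Running `find_collisions` over your own list of services before settling on a letter position shows which accounts would share a password under that choice.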
*Why you should use a passphrase by the awesome xkcd;