Some good hints and tips, EC.

I never use pets or family names, or birthday or anniversaries etc, and I have a different password for everything.

However, I have so many passwords that I can't remember them and have to write them down in a book. If anybody gets hold of my book, I'm stuffed!

Now 

Now and again I see posts about passwords and thought I would write a piece about them (seeing as computers and security form part of my business).

From a personal point of view security of passwords and the accounts they protect is more important than having a password which is so simple to remember that a 5 year old can crack it.

However there is a way to have what would appear to be a difficult password to remember but which is in actuality rather easy to remember and much more secure, let me explain...

Here are a selection of the worst passwords as published:

password, 123456, 12345678, abc123, qwerty, letmein, 111111, iloveyou, trustno1, 1234567, 123123.

Also your pets, partners, children's names are common along with dates of birth, anniversaries and registration numbers (avoid all of them).

The reason to avoid real words is that there are applications which can perform 'dictionary' attacks. These as you would imagine use real known dictionary words to try when cracking passwords. Also anyone watching you type real words can remember them easily. Which brings me on to a better password selection methodology.

I use the memorable song method, although it couple be a poem or dialogue from a film or play in fact anything you know well.

The idea is quite simple, choose your memorable (in my example) song, next select the first letter of each word. This will make up your password. You can add in numbers and characters to make it that much more secure. See my example below.

Example

I have delected the song Down in the Park by Gary Numan.

Next I have chosen the paragraph I will use from the song which is:

Come to Zom Zoms'
A place to eat
Like it was built
In one day
You can watch the humans
Trying to run

Now I pick the first letter from each word to form the password.

Come to Zom Zoms'
A place to eat
Like it was built
In one day
You can watch the humans
Trying to run

So you end up with this

ctzzapteliwbiodycwthttr

For most this would be quite long, so you could just pick the first six words (letters) and use that.

(ctzzap)teliwbiodycwthttr

For added security I would add in some numbers, in this case the year the song was released, so my final password would be:

ctzzapteliwbiodycwthttr1979

or a shorter 6 letter password if preferred.

ctzzap1979

Now I know it all look a bit messy and hard on the eyes, but I currently have 34 character password in this format for my work accounts.

Trust me, I can now type it very quickly and people at work have no idea what I am typing as it looks like nonsense! So you can have colleagues standing by you as you type.

If anyone is still reading I take my passwords a bit further and below is how I would use the password above with all my added characters like capitalisation and non alpha characters.

Ctzzapteliwbiodycwthttr(1979)!

If you have any questions please ask away.  

I use random purchase order numbers that we have been sent by customers, using the ones that contain both letters and numbers and are at least 10 digits.

So it's not a good idea to have robbinglyingbastards!! as my internet banking password then?

Afraid not. However true it may be. 

Even if I added an ampersand after robbing and an asterisk after lying? 

It would help, but having taken out the real words there is only 2 characters still to guess.

Now and again I see posts about passwords and thought I would write a piece about them (seeing as computers and security form part of my business).

From a personal point of view security of passwords and the accounts they protect is more important than having a password which is so simple to remember that a 5 year old can crack it.

However there is a way to have what would appear to be a difficult password to remember but which is in actuality rather easy to remember and much more secure, let me explain...

Here are a selection of the worst passwords as published:

password, 123456, 12345678, abc123, qwerty, letmein, 111111, iloveyou, trustno1, 1234567, 123123.

Also your pets, partners, children's names are common along with dates of birth, anniversaries and registration numbers (avoid all of them).

The reason to avoid real words is that there are applications which can perform 'dictionary' attacks. These as you would imagine use real known dictionary words to try when cracking passwords. Also anyone watching you type real words can remember them easily. Which brings me on to a better password selection methodology.

I use the memorable song method, although it couple be a poem or dialogue from a film or play in fact anything you know well.

The idea is quite simple, choose your memorable (in my example) song, next select the first letter of each word. This will make up your password. You can add in numbers and characters to make it that much more secure. See my example below.

Example

I have delected the song Down in the Park by Gary Numan.

Next I have chosen the paragraph I will use from the song which is:

Come to Zom Zoms'
A place to eat
Like it was built
In one day
You can watch the humans
Trying to run

Now I pick the first letter from each word to form the password.

Come to Zom Zoms'
A place to eat
Like it was built
In one day
You can watch the humans
Trying to run

So you end up with this

ctzzapteliwbiodycwthttr

For most this would be quite long, so you could just pick the first six words (letters) and use that.

(ctzzap)teliwbiodycwthttr

For added security I would add in some numbers, in this case the year the song was released, so my final password would be:

ctzzapteliwbiodycwthttr1979

or a shorter 6 letter password if preferred.

ctzzap1979

Now I know it all look a bit messy and hard on the eyes, but I currently have 34 character password in this format for my work accounts.

Trust me, I can now type it very quickly and people at work have no idea what I am typing as it looks like nonsense! So you can have colleagues standing by you as you type.

If anyone is still reading I take my passwords a bit further and below is how I would use the password above with all my added characters like capitalisation and non alpha characters.

Ctzzapteliwbiodycwthttr(1979)!

If you have any questions please ask away.