I used to do that. For the longest time, I used the same password for my email account as I had on Facebook, MySpace, Classmates, LinkedIn, Twitter, Digg, Del.icio.us, Craigslist, eBay, and every other website that required a username and password combination for access.
No longer.
Fast forward to earlier this summer when I realized that all it took was someone to hack one account to break into all of my accounts. You can read more about passwords and the do's and don'ts of password creation at Microsoft, Symantec, and McAfee, among other sources.
I needed to change my bad ways and created a new password for every site that required one. I devised a mnemonic system to instantly remember the password without writing it down.
Here's one way you could do what I did:
- Without using anything found in a dictionary or the result of a Google search, create a series of letters and numbers that holds meaning to you and nobody else, and that you can remember.
- Choose a 7-character nonsensical word, complete with both uppercase and lowercase letters and numbers.
- When you visit a new website that requires a password, type the 7 characters, preceded and succeeded by other letters and numbers, depending on the site.
- For instance, if your base password is Qweras6, then...
  - Your password on Words.com is: wQweras6ds5
  - Your password on Torgs.com is: tQweras6gs5
  - Your password on Billboards.com is: bQweras6ds10
  - Your password on Froggy.com is: fQweras6gy6
Do not use that system!
My system is totally different, but the above gives you a near-foolproof way of having a unique password for every website without fear of it being hacked.
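The post never spells out the rule behind the sample passwords, so the following added example (not the author's code) infers it from the four samples as an assumption and checks whether it really gives every site its own password. The function names are hypothetical, and Wards.com and Tongs.com are constructed test sites.

```python
from collections import defaultdict

BASE = "Qweras6"  # the page's illustrative base password


def site_name(domain: str) -> str:
    """Return the label left of the TLD, e.g. 'www.Words.com' -> 'words'.
    Simplification: multi-part suffixes such as .co.uk are not handled."""
    labels = [p for p in domain.strip().lower().split(".") if p]
    if not labels:
        raise ValueError("empty domain")
    return labels[-2] if len(labels) >= 2 else labels[0]


def site_password(domain: str, base: str = BASE) -> str:
    """Assumed rule, inferred from the four sample passwords:
    first letter + base + last two letters + length of the site name."""
    name = site_name(domain)
    if len(name) < 2:
        raise ValueError(f"site name too short for the rule: {domain!r}")
    return f"{name[0]}{base}{name[-2:]}{len(name)}"


def collisions(domains, base: str = BASE) -> dict:
    """Group distinct sites that the rule maps to the same password."""
    groups = defaultdict(set)
    for d in domains:
        groups[site_password(d, base)].add(site_name(d))
    return {pw: sorted(names) for pw, names in groups.items() if len(names) > 1}


if __name__ == "__main__":
    # The first four sites are from the page; Wards.com and Tongs.com are constructed.
    sites = ["Words.com", "Torgs.com", "Billboards.com", "Froggy.com",
             "Wards.com", "Tongs.com"]
    for s in sites:
        print(f"{s:15} {site_password(s)}")
    for pw, names in collisions(sites).items():
        print(f"shared by {', '.join(names)}: {pw}")
```

Under this rule, two sites with the same first letter, last two letters and name length end up with the same password, so it is worth running a check like this over your own site list before relying on any such scheme.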
Do you have other tips for password security? If you currently use one password for all sites, will you now consider changing your ways like I did?
Thanks to David Bradley @ Sciencetext for inspiration.