Humble Trader

Saturday, December 10, 2005

Standard Approach to Passwords

Introduction:

Not so much a library entry as something that sysadmins may want to use and promote to their users.

You need a lot of passwords these days. You have the unsavoury choice of using the same one (or, at best, a handful) for all accounts, or making up a new one every time and keeping them all somewhere secure - even though we are always told to NEVER write a password down.

Aim:

This is a standard approach to passwords that generates good secure passwords, yet you can remember what they are.

Requirements:

Being annoyed by the advice of security experts on one hand, and the (in)ability to remember a few dozen passwords on the other.

Procedure:

  • Think of a four letter word - yes, THAT one if you insist. e.g. "cola".
  • Think of a number between 0 and 99 inclusive. e.g. "64". (If yours was less than 10, stick a zero on the front of it - you need two digits.)
  • All your passwords start with the first two letters of your word and the first digit of your number. e.g. "co6".
  • All your passwords end with the second digit of your number and the last two letters of your word. e.g. "4la".
  • For each system that you need a password for, assign an easily remembered TLA (three-letter acronym, for non-geeks). e.g. If you have an HSBC bank account with online banking, use something like "hsb". That is the middle of your password.
  • Putting it all together, your password, in this instance, is: "co6hsb4la", something that most security pixies will tell you is pretty damn secure.
  • If your TLAs mount up, you can always write that bit down because, without the rest, they are pretty much useless.
  • If you get it just right, you can come up with something that, if you squint a bit, looks a bit rude: bo1loc4ss!
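
The procedure above as a small Python script, added here as an illustration rather than anything from the original post: build_password applies the steps (including the zero-padding rule), fixed_part_of shows which six characters every password from the same word and number have in common, and scheme_keyspace_bits is the check a sysadmin would want before promoting the scheme, estimating how much is actually secret once a guesser knows the pattern. The 4000-word dictionary size used in the test is an assumption.

```python
import math


def build_password(word: str, number: int, tla: str) -> str:
    """Assemble a password following the post's scheme.

    word:   a four-letter word, e.g. "cola"
    number: an integer 0..99; values below 10 are zero-padded ("7" -> "07")
    tla:    a three-letter tag for the target system, e.g. "hsb"
    """
    word, tla = word.lower(), tla.lower()
    if len(word) != 4 or not word.isalpha():
        raise ValueError("word must be exactly four letters")
    if not 0 <= number <= 99:
        raise ValueError("number must be between 0 and 99 inclusive")
    if len(tla) != 3 or not tla.isalpha():
        raise ValueError("TLA must be exactly three letters")
    digits = f"{number:02d}"
    prefix = word[:2] + digits[0]   # first two letters + first digit, e.g. "co6"
    suffix = digits[1] + word[2:]   # second digit + last two letters, e.g. "4la"
    return prefix + tla + suffix    # e.g. "co6hsb4la"


def fixed_part_of(password: str) -> tuple:
    """Return the (prefix, suffix) that the scheme keeps constant across
    every system for one user; only the middle three letters vary."""
    if len(password) != 9:
        raise ValueError("scheme passwords are always nine characters")
    return password[:3], password[6:]


def scheme_keyspace_bits(wordlist_size: int, tla_alphabet: int = 26) -> dict:
    """Estimate the search space from the point of view of a guesser who
    knows the pattern but not the word, number or TLA.

    wordlist_size: how many four-letter words the user might plausibly pick
                   (an assumed parameter, not a value from the post)
    Returns bits of secrecy for the shared prefix+suffix alone and for a
    whole password including an unknown three-letter TLA.
    """
    shared = wordlist_size * 100           # word choice x two-digit number
    full = shared * tla_alphabet ** 3      # plus an unknown TLA
    return {"shared_bits": math.log2(shared), "full_bits": math.log2(full)}
```

Against a guesser who knows the scheme, the per-system TLA is usually inferable from the system's name, so the shared_bits figure is the more honest measure of what stays secret.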
