Passwords, a necessary evil

(Originally published by me on EastOfIndy.com)

Passwords are a pain of the computer world. Everything needs a password. From an email newsletter to your favorite store to your bank, everything needs a password.

But there are problems with passwords. Make them too simple and easy to remember, then they are easy to break, allowing someone to get into your important data. If you make them difficult but write them down, then you run the risk of someone reading your notes. If you have one difficult password but use it everywhere, then if someone happens to find out somehow, they can get into all of your accounts.

One of the problems is that with today's technology, someone who knows what they are doing can break most passwords in a matter of seconds. That is because many people use passwords that are common words. If the word is found in a dictionary, then it can be easily broken. All an attacker has to do is set up a program to try every word in the dictionary until one matches. With the speed of computers, they can run through the entire English dictionary in less than three minutes.

And the first on the list to try are almost always “password”, “123456”, “qwerty” and the ever popular blank password. If they know anything about you, other common passwords they could try are your name, your home town, your favorite sports team, your favorite television show, and your pet's name.

Have I listed your password yet? If so, unless it is for an account you don't care if anyone gets into, you should consider changing your password. Immediately.

One quick way to strengthen passwords is to use a mix of capital and lower case letters, particularly in the middle of words. Most passwords are case sensitive, and guessing “paSswOrd” is a lot harder than guessing “password”, although I only use that word for illustration. I don't recommend using either.

You can also use some letter substitutions. If you look at your keyboard, the number “1” looks like the lowercase “l” or a capital “I”. The “@” looks like an “a”. The “$” looks a bit like an “s”. The number “0” looks a lot like a capital “O”. Also, an exclamation point looks like the letter “i” turned upside down. So instead of “password”, you can have “p@$sw0rd”. Of course, you can use a capital letter or two to make it even harder to guess, as in “p@$Sw0Rd”. Now that is starting to look like a significant password, and it shouldn't be that hard to remember. Although, again, I don't recommend using anything based on the word “password”. I'm just using this as an example.
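To see how much work these look-alike substitutions actually add, and to check whether a candidate password is just a dictionary word with substitutions applied, here is an added Python example (mine, not code from the original post). It assumes the substitution table above plus upper/lower case at every position, and uses a small constructed word list in place of a real dictionary.

```python
import itertools
import math

# Look-alike substitutions from the article: letter -> symbols typed in its
# place. Upper-case forms are handled separately in the count.
SUBSTITUTIONS = {"l": "1", "i": "1!", "a": "@", "s": "$", "o": "0"}

# Inverse table for the audit check: symbol -> letters it may stand for
# ("1" is ambiguous between "l" and "i").
UNSUBSTITUTE = {}
for _letter, _symbols in SUBSTITUTIONS.items():
    for _sym in _symbols:
        UNSUBSTITUTE[_sym] = UNSUBSTITUTE.get(_sym, "") + _letter

# Constructed stand-in for a dictionary; a real check would load a word list.
WORD_LIST = {"password", "qwerty", "welcome", "monkey", "dragon"}


def variant_count(word):
    """How many distinct spellings the substitutions plus case changes allow.
    Each position contributes the letter itself, its upper-case form, and
    any look-alike symbols for it."""
    total = 1
    for ch in word.lower():
        options = 1                                 # the letter as typed
        if ch.isalpha():
            options += 1                            # upper-case form
        options += len(SUBSTITUTIONS.get(ch, ""))   # look-alike symbols
        total *= options
    return total


def extra_bits(word):
    """The work the substitutions add, as bits (log2 of the variant count)."""
    return math.log2(variant_count(word))


def base_words(candidate):
    """Every plain-letter string the candidate could have come from, by
    reversing the substitutions and case changes."""
    choices = [UNSUBSTITUTE.get(ch, ch.lower()) for ch in candidate]
    return {"".join(combo) for combo in itertools.product(*choices)}


def is_mangled_dictionary_word(candidate, word_list=WORD_LIST):
    """Policy check: True when the candidate is a dictionary word with only
    substitutions and case changes applied."""
    return not base_words(candidate).isdisjoint(word_list)


if __name__ == "__main__":
    print("password", variant_count("password"), round(extra_bits("password"), 1))
    for pw in ("p@$Sw0Rd", "paSswOrd", "!rN2cuW@np"):
        print(pw, "mangled dictionary word:", is_mangled_dictionary_word(pw))
```

A word list of N entries grows to at most N × variant_count(word) candidates, so substitutions and case changes on “password” add about ten bits of work; the policy check is the kind of test a sign-up form can run to reject “p@$Sw0Rd” while accepting a string that does not reduce to any dictionary word.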

Here is some practical advice for keeping passwords strong while still keeping every password different. First, think of a sentence or phrase that is easy to remember; the longer the better.

For this example, I will use “I really need to come up with a new password.” Don't use this phrase; use one of your own. What the phrase is isn't as important as being able to remember it.

Use the first letter of each word of the phrase: “irntcuwanp”. That is a nice long password, and difficult to guess, but we can do better.

Now make a couple of substitutions using numbers, symbols, and capital letters (hint: you can replace the word “to” with the number “2”): “!rN2cuW@np”. In this case, I started with an exclamation point to replace the “i”, and then used a capital letter before each of the other two substitutions.

That is a 10 character password that almost nobody will guess and will be very hard to crack, but at the same time, shouldn't be that hard to remember (assuming you started with a phrase that is easy for you to remember). But we aren't done yet, because we still need to come up with separate passwords for every account. The key is to use those same characters in every password, but add extra letters depending on which account you are using.

For example, to log in to your bank, you might use the word “bank” followed by the password based on your phrase, so you get “bank!rN2cuW@np”. Of course, don't be afraid to make some substitutions in your added part, like “b@nk!rN2cuW@np”.

For your email account, change it to “mail!rN2cuW@np”. Your favorite store could be “sh0p!rN2cuW@np”. Once you have the last part memorized, you can easily change the first part to suit your account.
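The whole procedure above (phrase, initials, substitutions with a capital letter before each swapped-in character, then a per-account tag) can be written as one deterministic function. This is an added Python example, not code from the original post; the substitution table, the word-to-digit map (the article's “to” → “2” hint, plus “too” and “for” as assumed extensions) and the capitalization rule are my fixed choices for reproducing the article's “!rN2cuW@np” result, where the article itself picked the substitutions by hand.

```python
import re

# Look-alike substitutions listed in the article (letter -> symbol).
LETTER_TO_SYMBOL = {"i": "!", "a": "@", "s": "$", "o": "0", "l": "1"}

# Whole words collapsed to a digit before taking initials. "to" -> "2" is the
# article's hint; "too" and "for" are assumed extensions in the same spirit.
WORD_TO_DIGIT = {"to": "2", "too": "2", "for": "4"}


def initials(phrase):
    """Step 1: first letter of each word, lower-cased, with digit-words swapped."""
    words = [w.lower() for w in re.findall(r"[A-Za-z][A-Za-z']*", phrase)]
    return "".join(WORD_TO_DIGIT.get(w, w[0]) for w in words)


def swap_symbols(text):
    """Step 2a: replace each substitutable letter with its look-alike symbol."""
    return "".join(LETTER_TO_SYMBOL.get(ch, ch) for ch in text)


def capitalize_before_symbols(text):
    """Step 2b: upper-case the letter immediately before each non-letter,
    the convention the article used for the "N2" and "W@" pairs."""
    out = []
    for idx, ch in enumerate(text):
        next_is_symbol = idx + 1 < len(text) and not text[idx + 1].isalpha()
        out.append(ch.upper() if ch.isalpha() and next_is_symbol else ch)
    return "".join(out)


def core_password(phrase):
    """The memorized part shared by every account."""
    return capitalize_before_symbols(swap_symbols(initials(phrase)))


def account_password(phrase, account_tag, mangle_tag=False):
    """Step 3: prefix the shared core with a per-account tag, optionally
    applying the same symbol swaps to the tag."""
    tag = swap_symbols(account_tag) if mangle_tag else account_tag
    return tag + core_password(phrase)


if __name__ == "__main__":
    PHRASE = "I really need to come up with a new password."   # the article's phrase
    print(initials(PHRASE))                                   # irn2cuwanp
    print(core_password(PHRASE))                              # !rN2cuW@np
    print(account_password(PHRASE, "bank"))                   # bank!rN2cuW@np
    print(account_password(PHRASE, "bank", mangle_tag=True))  # b@nk!rN2cuW@np
```

Because the rule is deterministic, the same phrase always yields the same core, and only the per-account tag varies; that is exactly the property the article relies on, with the tag being the only part you have to think about at login time.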

Be creative. But don't be too creative. The important part of this is to remember your password.

Still, even with this method, it is a good idea to change all of your passwords every now and then.

Sometimes, however, even this trick is too hard if you have a large number of passwords. And if you are in a position where you have to remember passwords for accounts where the password can't be changed, then this method won't do you any good.

You may want to look at some software that stores passwords in a protected file. You still have to remember one master password to open up the file, but once it is open, you can access all of your saved passwords with ease.

The program I use is called KeePass (http://www.keepass.info). It runs on Windows, or you can get a portable version that will run off a USB key, so you can always keep your passwords with you. If you aren't a Windows user, KeePassX (http://www.keepassx.org) produces a file compatible with KeePass and has versions available for Mac OS X and Linux. Both programs are legally free.

Comments

Other authentication considerations

Having worked with PGP and other advanced-authentication products, I can say that you don't always need to use weird characters in the password to make it secure.

1) The game "Happyland" has fairly long passwords for advanced-level continuation, but still easy to remember:

forestofblackoaks
whydoyoubuildmeup
donteatyellowsnow

2) I've also developed alternative authentication software, inspired by CAPTCHAs and spy movies. Have the user "draw" a vector password shape, connecting dots on a grid, as a way to enter a password. Lots of possibilities, but a shape that is easy to remember. The nice thing is, brute-forcing a "positional password" is very easily detectable.

Sadly, "positional passwords" is IP owned by Raytheon. Don't have it anymore...