A lot of articles written here at TechRepublic and other forums, blogs, etc. are about creating passwords. I’ve seen quite a few good ideas about strategies and personal systems for creating strong passwords that aren’t dictionary terms or typical strings that a brute force attack can overcome easily. Many of the articles have some really nice suggestions for masking a new password so that it can be remembered AND still be secure. So far, so good: for one or a few passwords!
The problem is that in the real world people have lots and lots of passwords – usually more than they think. Once they get past a couple of strong passwords that they can reasonably carry around in their heads, most people will fall back into old habits like reusing passwords, or using their children’s names and other words that can easily be guessed. Any strategy for creating passwords has to make sure that it is used consistently. The weakest link in the security chain is always going to be us: the drive of human nature is for us to try to eliminate work and make things easy.
My approach is to take several elements that I like best from some of the proposals I’ve seen and use them for a couple strong passwords. (I’ll leave it to you to pick and choose your own!) I can remember a couple strong passwords, but not for all the online accounts that I have. One of the passwords I use as the master password in Sticky Password (http://www.stickypassword.com). I’ve mentioned it in a couple of forums here at TechRepublic. I’ve tried a few programs over the last several years, and it’s the best program I’ve found. With Sticky Password, I can have it create the strong random strings as passwords, or I can have it store a password that I’ve created.