One of the most common headache that people are facing is to remember the dozens of passwords associated with every site. What most people do to simplify the matter is to use one single password for all their acounts. To make thing even simpler, an easy to remember word is used as the password. It is not surprising to see that ‘password’ tops the list for the 10 most common passwords. Some of them trying to be smart, put a 1 behind the ‘password’ (which means ‘password1’) and pray that the hackers are not as smart as them to come up with such an ‘ingenious’ idea.
The problem with using the same password is that once someone finds out your password, all your accounts become instantly accessible by third party. If someone cracks into your Amazon.com or Paypal account that contains your credit card information, the result is going to be devastating.
How can I remember so many passwords?
In programming, a secure way of storing password in database is to use salted hash. A string of words is used as the key (also known as ‘salt’) and append to the user entered password. This newly formed password is then hashed using md5 encryption and the result is stored into the database. To illustrate, a user entered ‘password1’ as his password. The script then appends a salt known as ‘iloveyou’ to the password which results in ‘iloveyoupassword1’. This password is then encrypted to produce a random string ‘228e4011b6afbevge44e3d787d606407’ which is then stored into the database.
Now, how does all this apply to you?
This is simple. Using the same concept as salting, you can generate thousands of passwords easily. Using one base password, what you need to do is to append the site name to your password. For example, if my base password is ‘iloveyou’, then I can set the password for my Yahoo email as ‘iloveyouyahooemail’ and bank account password as ‘iloveyouXYZbank’. In this case, you can generate different password for different sites. And since your password is long and not a word found in the dictionary, it will be difficult for hacker to crack it.
To make your password even more secure, you can use a mix of number, upper case, lower case and special characters for your base password. ’15@gdH34′ would be a good base password. Some websites only allow 8 characters password, so you might have to play around with your base password to control the generated password length.
What I have listed here is only one of the way you can use to generate passwords. You are free to experiment and set your own rule. If you have some interesting ways to generate passwords, do share it here.