I have a different password for everything. And I couldn’t tell you even one.
2016 Update, 5 years later: I would recommend using a password manager instead (I use KeePass).
Everybody knows you should have a different password for everything. But hardly anyone does. It’s not that they don’t want to, it’s just because they can’t remember them.
Now I’m not claiming to have invented the method I use, but I’m advocating its use. It’s a way of remembering a password in such a way that I couldn’t recite it to you even if I wanted to. It also makes passwords far more secure by looking like random letters and numbers (I say “looking like” because it’s not actually random, as you’ll see below). I don’t need to store these passwords in an application, I don’t have a master password that generates them. I just use the keyboard.
You see, your keyboard layout is two-dimensional. Say you were to type the word “
envelope“: (Yes, you can type in that textbox below)
Pretty easy, right?
Now type it again, but this time, type the letters that appear above the letters in the word: (for instance, the “Q” key is above the “A” key on a standard US keyboard)
You should see you have typed “
3hf3o903“. That’s not only fairly random-looking, but you only needed to remember the combination and the word “envelope”.
So if you come up with your own special combination, you only need to remember that combination. That’s it. You don’t even need to remember the word, because you can just use the name of the service you’re signing up for. You need a password for YouTube? Using the above combination, you get the password “
There are many combinations you can use:
- Up and to the right
- Two to the right, use the shift key on the second one (also introduces symbols into the mix)
- Alternate between up and right on odd and even keys
There are a few limitation so this method, however:
- Pretty much only “above” and “right” work; left won’t work for the keys “Q”, “A” and “Z”, unless you want to loop back to the right side of the keyboard.
- Banks and other websites often have limits on the amount of characters you can use in a password. I can not think of even one reason as to why this is.
- Sometimes websites will refuse certain elements, such as symbols, so it’s good to have two combinations, your default one that may sometimes create symbols, and a backup one that has no chance of creating them.
- When logging into a service using a mobile device, you’ll probably have trouble. Often mobile keyboards have their keys aligned directly on top of each other, and the number keys aren’t in the right spot (above the keyboard). There’s not really any way around this if you use an Apple device, but you can install different keyboards on Android.
In my opinion, the benefits far outweigh those points above; having a secure account is paramount, and the only way in doing so is to have separate passwords.
A paper by the United States Air Force Academy on a very similar subject: