With the recent Heartbleed security fail, many sites are recommending that you change your username/password, just in case.

Which is, admittedly, a giant pain.

We all KNOW we shouldn’t use the same password everywhere, but creating a new, unique, strong password for every site you use can be a pretty impossible task.

Strong Passwords

Don’t use dictionary words. Mix capital letters and numbers.

Unfortunately, it turns out that the common misconception of random letters and numbers isn’t all that much safer than your childhood cat’s name.

Don’t believe me? Please check out this XKCD comic.

Uniqueness

The ‘ol correcthorsebatterystaple routine may be nice for one site, but how do you remember passwords for every site you go to?

My proposed solution? Salting.

Take a good, random word combo that isn’t too long. Saaaaaay “batteryhorse”

That’s your salt.

Now, cap and number that sucker. “Batt3ryH0rse”

That’s nice and strong all by itself. Now say you’re making your password for tumblr.

The first three letters of tumblr are “tum”

So your password for Tumblr is Batt3ryH0rseTum.

And your password for Facebook is Batt3ryH0rseFac

Suddenly, you have a strong, unique password for every site you use. And best of all, when you need to change the passwords, you just change the salt. C0rr3ctStapl3Fac.

Weakness

This type of password is very weak to human hacking. If your kid finds out what your salt is, they can log in to any site you use. On the other hand, it’s very strong to computer hacking. Computers aren’t going to be able to get into your gmail because your facebook gets compromised.

Related posts: