Passwords and everything about it

It’s usually common practice to change your passwords once every 6 months or once every year.

The only problem is that people tend to leave this until the last minute and/or they never even do it at all because it’s a hassle to keep changing your passwords and it’s irritating to have to remember a NEW password all the time.

I am not advocating that you keep the same passwords for 5 to 10 years, but maybe we can be a bit lax and change our passwords once every 3 years instead?

I used to work for a corporation that made us change our passwords every 4 months. That was hell on Earth because we had 15 different passwords on different time frames with different requirements (8 letters, numbers only, or letters only, etc) and each time a prompt to change our email password was put on, I had to go to ALL of the passwords I could remember to all the different sites I had to log in, and change all of them too!

Here’s what I’m currently doing as my password strategy which I think is manageable enough to remember without having to consult my information to type in the password, but secure enough to handle 90% of all the problems.

Naturally, if someone is really trying to hack into your site, and they’re little geniuses, there’s not much you can do. Happens to the best of us, but this will foil about 90% of attackers.

Have 5 passwords

First password for all generic sites like newspaper sites you log in to read, or things that aren’t linked to your bank account and/or identification other than your ID.

Second password for sites that have a bit more of a tie to your banking or other secure information such as your telephone number or address. I’m saying things like Amazon, Networking websites (LinkedIn or Facebook), Etsy and so on.

Third password strictly only for banking sites such as your ING Direct, Investment accounts. Don’t ever use this password for anything other than banking or investing. Period.

Fourth Password JUST for your emails and/or Blogger (if you blog). I have a separate one just for emails because I don’t like using my banking password, or anything less secure like LinkedIn or Facebook. It’s deadlier to get a hold of your emails than it is to get into your Amazon account because you can always cancel the Amazon account and report a break in. With an email account, it’s a lot harder and you are at risk with all of your secure emails and documents.

Fifth password that is your deadliest one. I am talking Upper case, Lower case, numbers, characters, the whole mix. I have one totally memorized for this but I barely get a chance to use it because a lot of sites don’t allow special characters like “?” or “#”.

Come up with a good combination for all 5

This is an example of the most commonly used passwords and their areas (Campus, Business, Residence)

I admit to having used a couple of these, but not for my personal accounts.

Don’t pick full words if you can. Or if you do, make them really random words, or half words that only mean something to you. I wouldn’t worry so much about the complexity of these passwords for the very low security sites that you don’t care about and just read newspapers on.

Do not use words or phrases that have personal significance.

Don’t pick easy to remember things like “caleysdad” or something so simple that you could crack it with a little ingenuity.

Go for the 8 letter combination of numbers and letters.

Mix the numbers and letters. I usually do something like:

Two numbers, Three letters, Number, Letter, Number


Don’t put in uppercase anything, leave it all lowercase, and if a site happens to ask for an uppercase letter, then just make the first letter uppercase and make a note of that quirk somewhere. But don’t change the password entirely just to put in an uppercase letter.

You can also help find your random password by typing it one or two rows above. Muffles becomes: j7rro3s

For your fifth password, make it at least 8 characters long (not less than 6) and a mix with special characters (#, @, etc) and an uppercase letter or two and find a good way to remember.

Use a sentence if it helps. e.g. “I have 2 dogs called Rover and Fido” gives: Ih2dcRaF

And use punctuation to your advantage. To incorporate a colon into the previous example as your special character, remember the sentence as “I have 2 dogs: Rover and Fido”, which would give: Ih2d:RaF

Use other things to help you remember your password like the street you grew up on, and your first pet/something hard to guess from your past, put a number sign in between, substitute some letters for numbers (l33tspeak comes to mind).

Examples you can use:

A = @
O = 0
I = 1
E = 3
F = 4
S = 5
G = 6
L = 7
B = 8

For example: Marie grew up on Ocean Avenue, and her first pet was Muffles. The password would be: 0c3@n#muffl35

Change your passwords every 3 years or when they’re compromised

Change your passwords every 2-3 years or when you think someone has hacked into the accounts.

And make a note of them somewhere with a cryptic message if you can.

Save questions for secure and unsecure sections

The most secure questions should be saved for just your banking and investment accounts. DO NOT choose the same questions (if you can) for other less secure or important sites.

If you must use the same questions, put a different answer for the less secure sites and make a note.

This may be going too far and be too paranoid but it would help just in case someone finds out your first pet was named “Muffles”.

Can anyone else offer any more help or information?

About the Author

Just a girl trying to find a balance between being a Shopaholic and a Saver. I cleared $60,000 in 18 months earning $65,000 gross/year. Now I am self-employed, and you can read more about my story here, or visit my other blog: The Everyday Minimalist.