[Note: I'm going to give examples of passwords in this post. None of them is or has ever been my password for anything. Also I'm using "password" but "passphrase" is probably better.]
Like most people in the business, I have to use passwords many times a day.
Like most people in the business, I have to change those passwords frequently, and they have to match a password policy: uppercase, lowercase, numbers and special characters.
Here's my system for making it as painless as possible.
- Start with an uppercase word. This way you hold down shift, or use caps lock, all in one unbroken string, then forget about it.
- Use dashes between the different parts of the password. Most "special character" policies don't require anything more special than "not alphanumeric". And you don't need to hold down a modifier key for dashes.
- Use numbers which match words like 4 for "for" etc. which are easy to remember, and failing that replace letters with numbers
And the final one which makes all the difference:
- Make it something inspiring or motivational
Say you're thinking of learning a new language this year. Your password could be
LEARN-2-code-in-Perl. Because you're going to type that thing many times a day, right? Why make it a random string like
GH^C6e36y%7w (thanks LastPass) when it could be
How about a fitness goal like
RUN-a-faster-5K? Or maybe a mindfulness goal like
MAKE-time-2-meditate or a social/political one like
You can probably think of better ones for yourself. And of course, vary the rules for extra security. Maybe the uppercase string goes at the end, or you use something other than dashes.
But we might as well redecorate that little room in our brains, which we have to visit so many times a day, with something which inspires us a little.