Guide to choosing good safe passwords
The password you choose enables you to gain entry to a site, a document, or a database. If the security system uses a password as the only barrier, then once you enter the correct password for your account, you have full access to everything you are entitled to access. If somebody else tries to access your account and enters your password, the computer knows only that the correct password has been entered, and that person now has full access to your account.
Of course you should never disclose your password to anybody. That would be like locking the door to your house and leaving the key in the lock. Your bank account can be cleaned out. Even if you keep your password secret, it can be simple to crack it if it is a simple password. A password that is a single word can be cracked very quickly by a dictionary attack. The attacker has a program that just tries all the words in the dictionary until one makes the lock go “click” and the door opens.
The most common password in use today is “password”. That is totally useless. Your name is almost as bad, because it is likely that anybody trying to hack into your account knows your name. At a minimum, you need a password with a mix of letters, numbers, and symbols. Mixing lower case with capital letters makes it stronger.
For example, if you want your password to be “Houston”, you can modify it a bit and make it strong. Add some numbers and it is Houston55. That is a little better. Insert a symbol and you have “Hou*ston55”. This password is not unbreakable but it is very strong. Password authentications are generally designed so that multiple access attempts with the wrong password will lock the account, so guesswork is unlikely ever to crack that password.
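The rules from the paragraphs above, written as a checker and run over the article's own progression from “Houston” to “Hou*ston55”. This is an added example, not part of the original guide; the word list and the function names are constructed for illustration.

```python
import string

# Constructed sample word list; a real check would load a full dictionary.
SAMPLE_WORDS = {"password", "houston", "dragon", "monkey", "welcome"}


def check_password(password, account_name="", words=SAMPLE_WORDS):
    """Return a list of problems; an empty list means every rule passed."""
    problems = []
    lowered = password.lower()

    # A single dictionary word falls quickly to a dictionary attack.
    if lowered in words:
        problems.append("single dictionary word")

    # The account holder's name is known to anyone targeting the account.
    if account_name and account_name.lower() in lowered:
        problems.append("contains account name")

    # The guide's minimum: letters, numbers and symbols, in mixed case.
    if not any(c.islower() for c in password):
        problems.append("no lower-case letter")
    if not any(c.isupper() for c in password):
        problems.append("no capital letter")
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    if not any(c in string.punctuation for c in password):
        problems.append("no symbol")
    return problems


def report(candidates, account_name=""):
    """Map each candidate password to its list of problems."""
    return {p: check_password(p, account_name) for p in candidates}


if __name__ == "__main__":
    samples = ["password", "Houston", "Houston55", "Hou*ston55"]
    for pw, found in report(samples).items():
        print(f"{pw!r}: {'OK' if not found else ', '.join(found)}")
```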
Many companies insist you change the password you use to access company documents on a regular basis. The easiest way to do that (and remember what you did) is to increment the number. In the previous case, your new password would be “Hou*ston56”. How do you remember each password? That can be a problem. Using the same password for everything works just fine, except that if somebody does get your password (like by installing a key-logger) he will have access to everything.
You could write a list of passwords on a sticky note and put it on your monitor, but that would make it too easy for somebody else to get them. Write them all down on a piece of paper, carefully noting which password is used for which account, and place the paper in a desk drawer. Put it in the top right drawer. No thief will ever look there. Or, if you are really smart, tape it to the underside of the top right drawer. Thieves do not know anything about that hiding place.
Using a different, secure password for each account, and being able to know which password applies to which account, is a problem without a clear solution. If it is easy to remember, your password probably is not secure. If it is secure, it is difficult to remember exactly what it is and which one goes to which. If you write it down, somebody might read it. There is no clear, universal solution.