Create and keep track of secure passwords

Ideally, a password should be an entirely random collection of numbers, cases and letters; these shouldn’t be next to each other on the keyboard. Such a jumble of characters is far from instantly memorable but there are ways to come up with something that appears random.

Try typing a memorable word but every time you go to press a letter use the key above and to the right of the letter in question: the word ‘pseudonym’, for example, becomes ‘-e48r0j7k’. This is far more secure yet easy to decode if you forget.

There are any number of similar spatial approaches; try taking a name ­ we’ll use Kate as an example ­ and typing each letter followed by the key above, then below, it. On a standard British Qwerty keyboard this would create ‘Ki,aqzt5ge3d’.

You could also try thinking of a sentence you can remember and taking the first letter of each word in that sentence. Your daughter’s date of birth might not be secure in itself, but taking the first letters from words in the phrase ‘My daughter ­ Kate ­ was born on the 14th of August 2005’ would create the strong password ‘Md-K-wbot14oA2005’.

Strength in numbers
Any password based on a code or keyboard trick could technically be decoded eventually, so for added security we would suggest adding a four-digit number rather like a Pin.

Make sure this is random and not based on a birth date or phone number (we’ll use 7435 in our examples) and add it to the start of the password. Do not use your bank or credit card Pin.

You can check the strength of any password you think up using an online password checker ­ a service such as Passwordmeter will analyse your password and give you a score based on your inclusion of varied cases, symbols and numbers as well as how often these are used consecutively. Our password ‘-e48r0j7k’ scores 82 per cent using this system, while adding the Pin to create 7435-e48r0j7k achieves an ideal strength rating of 100 per cent.

Sadly, the security of even the best password diminishes significantly the moment you use it on more than one website. It’s a bad idea to trust the same password you use for important accounts such as your email or online banking with any number of smaller sites that may have less stringent security in place. If one such site’s database is hacked into and your email address and password is stolen, for instance, the attacker could gain access to all your more important accounts.

Remembering 10 or more passwords for different accounts may seem like an impossible task but adapting a strong password for use across multiple sites need only involve adding two or three extra letters. We would suggest adding a few extra letters between the Pin and the rest of the password and changing only this small part for different websites.

So, if our strong password with Pin is 7435-e48r0j7k we might use 7435Am-e48r0j7k for Amazon, 7435Ho-e48r0j7k for Hotmail, and so on. This adds an extra level of complexity, so even if someone manages to steal one password they won’t have instant access to all the others.

Password managers
If remembering such complex passwords turns out to be a challenge, there are special programs that can help. One of the best available is Keepass Password Safe, a small, free piece of software designed to keep careful guard over a list of passwords.

It acts like a safe: you remember the one password needed to open it up and it stores all the others safely inside. You can also opt to use a key file ­ this is a small file stored on a USB memory key that works just like a physical key: you will need to plug it into the PC to unlock the program.

Since the program stores all the passwords for you, allowing you to simply paste them into websites, you can use passwords that are extremely secure if not exactly memorable. It even includes a tool to generate long, unique and incredibly secure passwords.

There’s also a portable version of Keepass that can be carried around on a USB memory key and used on whatever computer you happen to be using.