Creating and remembering strong passwords — like backing up our computers' contents — is something many of us know we should...

Share story

Creating and remembering strong passwords — like backing up our computers’ contents — is something many of us know we should do but don’t.

Can you blame us? Having to come up with usernames and passwords for virtually everything we do on a computer is enough to make anyone use “Magic123” over and over. I’ve even heard of people who keep lists of passwords taped to their computer screens.

With a little time and discipline, you can create strong passwords and do a better job managing them.

Of course, no matter how many precautions you take, no password is 100 percent secure. By the same token, you don’t have to follow all the advice in this column to avoid password theft.

By now most people know you shouldn’t use personal information such as your name, birth date or address in a password. It’s also not a good idea to use something obvious such as “1234” or “password.”

Longer is stronger

Passwords should be at least 7 or 8 characters in length. The longer the password, the stronger it is.

Next, choose a password that would appear as nothing more than a random list of characters to someone else. Use both uppercase and lowercase letters and, if possible, use punctuation marks from all over the keyboard.

One technique is to take a phrase that means something to you or a line from a favorite song and create a password by taking the first letter of each word of that phrase or line.

Make sure to add in some symbols. For instance, you could replace an “a” with “@,” but use this technique sparingly in your password.

David Liberatore, the director of engineering at AppRiver, a Pensacola, Fla., area anti-spam software company, said you should never give out real information in the password helper sections.

So for your mother’s maiden name, make up a name you can remember. Use your favorite vacation spot instead of your place of birth. Substitute the name of a pet from a TV show or movie for your real pet.

This may seem extreme. But Liberatore, who has worked in online banking, said that with so much data stored online, if a vendor storing your personal information gets compromised, hackers could use that personal information to piece together details about you and access your account on another site.

To be extra careful, change your passwords regularly.

Password manager

Because most people need passwords to secure important information, remembering more than one or two long passwords is difficult. That’s where password managers come in.

These programs typically are encrypted and act as a vault to store all of your usernames and passwords. You only need to remember one master password to open them.

If you use a Mac, you already have a password manager called “Keychain,” which stores your passwords and can automatically enter them in login fields on Web sites.

There are also lots of downloadable password managers, such as KeePass Password Safe (, RoboForm (, and PassKeeper (

I tested KeePass, which is free, and found it easy to install and use. Once you’ve set up the program, you create a “database” to store your passwords. KeePass lets you organize your passwords in groups and it can generate secure passwords for you.

Once the passwords are set, you can copy and paste them into Web sites or drag and drop them.

If you are the only one using your computer, you can have your Web browser automatically remember them for you.

But this shouldn’t be the only place you store your passwords, because when your data from your browser is cleared (or if your computer dies), your passwords will vanish.

You can also download and install KeePass on portable media such as a USB flash drive.