Stop Making Dozens of Passwords

Thomas Holt Russell
Oct 12, 2022

All you Really Need is One Strong Password — stop playin’

Made By Dall-E

In 2008, my wife purchased my first biometric computer as a gift for me. I registered my fingers on both hands just in case I lost one of those hands, and the system worked fine. I was a little surprised at how well it worked since it was the first iteration of biometric computers. I thought that this was the beginning era of biometrics. I was wrong.

Years later, passwords are still used to access most software and hardware systems. Though biometrics has made significant inroads into our digital infrastructure (I still believe biometrics is the future of security), passwords are still the number one way to access systems.

Experts asked us to make several passwords for our systems and to change those passwords frequently. Most people use the same password for several systems, and even cybersecurity experts do the same, though most do not admit it. I will admit that I use one password for most of my systems.

There is nothing wrong with using one password for several systems, as long as it is a strong password. It is not difficult to make a strong password. There are three attributes a password must have: it must be long, complex, and easy to remember. I will demonstrate a process that will allow you to make a long, complex password that is easy to remember. My way is not the only process for creating strong passwords; it is only one of many practical ways. But I’ve been making my passwords this way for a long time and never had any negative issues.

Let’s start with a 16-character password. Here’s one I just made for this demonstration: rhb175061*381GMD

This password may seem difficult to remember if taken as a bunch of randomly generated characters. However, my method of making passwords makes a password such as the one above not only long but very easy to remember.

My method: I was always a Yankee fan, having been born and raised in the South Bronx with Yankee Stadium in walking distance. Baseball is an excellent sport for statistics. Stats allow us to compare players from different eras, which is always the driver of lively conversations in barbershops, sports shows, and homes throughout America. In the process of participating in meaningful discussions, many people are familiar with the statistics of some of their favorite players.

Since the Yankees are my favorite baseball team, I am very familiar with the stats of some of the great players. I figured I could make a password to reference the significant Yankee statistical records compiled for a single season. It is easy to make the password long because there are so many different stats I’m familiar with. Remember, the longer a password, the more difficult it is to crack. Simple. A password should be at least 16 characters long and no more than 24. Next, I want to ensure I add some complexity to this password. This means I will use numbers, letters (lowercase and capital), and any special symbols.

There are three significant records I keep track of the most: runs batted in (RBIs), home runs (HR), and batting average (BA). I want to reference the Yankee season records for these stats. Just to throw a wrinkle into all of this, I will pick the second-best record in the categories instead of the top record.

Next step, I am going to split my password up into tokens. Tokens are three to four characters long and represent a portion of your password. Breaking a password up like this helps to remember it better.

The first part of the password is the 2nd best RBI record, 175 for Lou Gehrig. Then the second-best home run record for the Yankees, which is 61, by Roger Maris. Then the 2nd best record for batting average is 381 by Joe DiMaggio. This is all I need to make a 16-character password that I can remember easily and quickly.

Let’s have a look at potential tokens:

  • rhb = the first letters of the three stats, RBI, HR, and BA (lowercase)
  • 175 = the number of RBIs Gehrig hit in a season
  • 061 = the number of home runs Roger Maris hit in a season. Since my tokens are three characters long, I put a 0 in front of Maris’ 61 (plus, it is always good to have 0s in your PW).
  • * = the asterisk goes with the Maris record, as they had it in the books for years. Additionally, this allows me to use a special character set. If you are a baseball fan, you know why the asterisk is next to Maris’ record. If you don’t know, just put it there anyway.
  • 381 = the batting average for DiMaggio (pretty high for second best)
  • GMD = the letters for the names Gehrig, Maris, and DiMaggio (all CAPS)

So you have: rhb175061*381GMD

This is an easy password for me to remember because it has meaning for me that I can easily associate the tokens with. This would not be a good password for someone who is not into baseball or unfamiliar with baseball. If you like to bake apple pies or fly drones, that would be something to concentrate on. It has to be something meaningful to you. This is a great way to make a long and complex password that would be difficult to break and that you can feel comfortable using on different websites. This password uses all three character sets and is long. I tested this password below. It is VERY strong.

Make your new password and go to this site to test its effectiveness.

https://www.passwordmonster.com/

If you paste in the password I generated here, you will see that it takes 19 billion years to crack this password using the best tools available. That password would give a hacker diminishing returns if she tried to hack it. It would not be worth a hacker’s time to try to hack this password.

The earth will not even exist during that time from now!

There are variations of this method. After you make a core password, you can add a token, or use one of the existing tokens, as a code for the type of site you are on, such as sites that have to do with finance, entertainment, education, etc. Those tokens can be a combination of upper and lowercase letters, numbers, and symbols; for example, ^&% can designate healthcare websites.

Other tips –

  • Avoid dictionary words
  • Practice writing your password to gain muscle memory. You will be surprised how quickly you can write a long password without thinking about it.
  • Keep your password as a single idea or theme. My theme for this example was only Yankee baseball.
  • Use delimiters between words, such as a space, an underscore, or a hyphen.
  • Use geeking, exchanging characters for others of similar shapes, such as @ for a, Vv for w, or $ for S.
  • Make a core password with only three tokens and use the other two tokens to designate the type of password or what the password is for.
  • Using all character sets increases password protection exponentially. A hacker would have to process the entire existing keyboard possibilities needlessly. That is another futile waste of time for a would-be criminal.
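The token method and the character-set tip above can be checked mechanically. The following is an added example, not part of the original article: it joins the article's tokens, applies the article's length and character-set rules, and computes the size of the exhaustive search space in bits. The function names and the lowercase-only sample are constructed for illustration, and the printable-ASCII class sizes are an assumption.

```python
import math
import string

# Character classes the article asks for (sizes are for printable ASCII).
CLASSES = {
    "lower": string.ascii_lowercase,   # 26
    "upper": string.ascii_uppercase,   # 26
    "digit": string.digits,            # 10
    "symbol": string.punctuation,      # 32
}
MIN_LEN, MAX_LEN = 16, 24              # length range stated in the article

def classes_used(password):
    """Names of the character classes that appear in the password."""
    return sorted(n for n, chars in CLASSES.items()
                  if any(c in chars for c in password))

def brute_force_bits(password):
    """log2 of the exhaustive search space, pool_size ** length.

    Models only an attacker trying every string over the classes used;
    it does not account for structure an attacker could guess.
    """
    pool = sum(len(CLASSES[n]) for n in classes_used(password))
    return len(password) * math.log2(pool) if pool else 0.0

def check(password):
    """Return the article's rules that the password fails (empty = pass)."""
    failures = []
    if not MIN_LEN <= len(password) <= MAX_LEN:
        failures.append(f"length {len(password)} not in {MIN_LEN}-{MAX_LEN}")
    missing = sorted(set(CLASSES) - set(classes_used(password)))
    if missing:
        failures.append("missing classes: " + ", ".join(missing))
    return failures

TOKENS = ["rhb", "175", "061", "*", "381", "GMD"]   # tokens from the article
SAMPLES = [
    "".join(TOKENS),              # the article's example password
    "".join(TOKENS + ["^&%"]),    # same core plus the article's site-type token
    "rhbgmdrhbgmdrhbg",           # constructed: 16 characters, lowercase only
]

if __name__ == "__main__":
    for pw in SAMPLES:
        print(f"{pw!r}: {brute_force_bits(pw):.1f} bits, issues={check(pw)}")
```

At the same 16-character length, going from lowercase only to all four classes raises the exhaustive search space from about 75 bits to about 105 bits; each extra character adds about 6.6 bits more.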

This is not difficult to do. Just as when someone gives you a recipe, you can add your own spin and make it your own. I hope I have alleviated some of your angst and guilt about using the same password for multiple systems. Just make it stronger.

Note:

As you can see, the password below would take over 210 billion years to crack! That’s my private password. I will give you a hint as to what that password is…I’m also a New York Mets fan!

Reality will cease to exist in 210 billion years!
