I sat down last night to begin the laborious process of changing all of my passwords now that the Heartbleed bug, described in this space on Wednesday, has been discovered. Though most reputable sites have closed the hole, keeping the same password is the very definition of closing the barn door after the horse has escaped.
Then I ran into a common problem: I have too many passwords to provide different ones for every site.
Time.com today provides the handy guide on getting around this problem.
In short, according to Rik Ferguson of Trend Micro:
1. Think of a phrase you can easily remember, for example:
“Motley Crue and Adam and the Ants were the soundtrack of my youth.”
2. Take the initial letter of each of those words:
MCAAATAWTSOMY
3. This will be the basis of the password, but we now need to make sure we use upper and lower case characters, numbers and “special characters” like !$&+ for example, let’s change cases first:
MCaAatAwtSomY
4. Now change some of those letters for numbers, maybe the letter O to a zero
MCaAatAwtS0mY
5. Now add the special characters, I’ll change the “and” into + and &
MC+A&tAwtS0mY
If you want a different password for every site, but only one to remember one phrase, add the first and last letter of a website name at the beginning or end of a password.
Related: Heartbleed Flaw Could Reach to Digital Devices, Experts Say (NY Times).