Practically everything today requires a username and password. Remembering all of them can be daunting. So how can you create good passwords? And even more challenging, how can you safely keep track of them all?

Creating a Good Password
An entire book has been written on the tasks of creating the perfect password. (Perfect Passwords, by Mark Burnett and Dave Kleiman). I’ll save you some reading time, the basic do’s and don’ts are as follows:

Do:

• Make your password at least 8 characters long.
• Include different types of characters in your passwords - lowercase and uppercase, numbers, punctuation, symbols, etc.
• Use different passwords for every system, website account, etc.
• Consider using a pass phrase rather than a word.
• Change your passwords at least once every 3 months.

Don’ts:

• Do not use personal information like your name, username, date of birth, anniversary, the names of your pet, or of your child.
• Avoid using words that can be found in the dictionary - even in foreign languages.
• Do not reuse the same password from the previous nine months.
• Avoid having 3 or more repeated or consecutive characters in your password.
• Do not tell anyone your password.

The password challenge becomes even more difficult to manage for accounts requiring you to combine complex unique passwords with different usernames. The challenge is further compounded when sets of both passwords and usernames are coupled across multiple systems. Even though you may be using the right password, your username might be incorrect, or vice versa. If you are like most people you probably find yourself using the “Forgot Password” feature a lot or calling tech support for password resets.

Well here is the solution, write down your usernames and passwords. Yes, I know we’ve all been told to never write down passwords. I am not talking about writing down your passwords on a sticky note you later place on your monitor or even in your desk drawer or keeping password notes for reference in your Outlook or PDA. What I am talking about rather is recording your username and passwords in a secure place, by creating a “Password Vault”.

For those of you reading this and shacking your head saying no, no ,no; here are some reasons why users should record their usernames and passwords in a secure place. An average user often has to remember 10 or more separate usernames and passwords between their personal and professional lives. Most systems are requiring users to use 8+ character passwords with uppercase, lowercase, numbers, and even special characters. If you can actually keep track of all of them and recall them from memory without forgetting your bank PIN and phone number in the process, congratulations. By recording your passwords in a secure location, you’ll be empowered to create complex passwords for each account rather than creating a universal easy to remember password like “Password1” or “ABCefg123”.


Create a Password Vault
The security of your “Password Vault” should depend on the nature of the passwords and systems access they protect. For personal use, if you are securing just a few passwords, you can use a sealed envelope placed in a fire safe. For professional application, if you are a network administrator, you can store usernames and passwords in an encrypted database requiring biometrics to access. I’ll assume for the purpose of this guidance that most of you fall somewhere in the middle.

For this category of users, a system that stores all your usernames and passwords in an encrypted file or database is recommended. This can be accomplished by using password management software (Goggle: Password Management Software) . Password management software works by creating a password protected encrypted file or database of all your usernames and passwords. Password management software typically requires only one super password to access all of your usernames and passwords. The password you create for your "Password Vault" needs to be more than a simple 8-character password; we need to create a super password, a pass phrase. Similar to a password a pass phrase is longer and more complex. Here is how to create a complex pass phrase.

1. Pick a phrase that is easy to remember, for example “four score and seven years ago”.
2. Now let’s add some uppercase letters, I’ll make every other word uppercase "Four score And seven Years ago”
3. Now add numbers, I’ll replace “S’s” with “5’s” and “E’s “with “3’s” "Four 5cor3 And 53v3n Y3ar5 ago”.
4. Finally I’ll add some special characters “Four-5cor3_And-53v3n_Y3ar5-ago!!”

This creates a 32-character pass phrase with uppercase, lowercase, numbers, and special characters and with some practice it is easy to remember. This is the type of super password you will want to use on your “Password Vault”. Now we have a system that requires us only remember our pass phrase to access all of our usernames and passwords. By using this secure method of recording your passwords it is easier to use more complex, unique passwords and therefore create better overall password security for all your password protected accounts.

Please share your password challenges or questions in the comment section.