14 characters, upper and lowercase letters, numbers, special characters, and no common words? AND a different one of those passwords for every account you have?

No problem with this trick.

Recent data leaks by AT&T and Roku bring some awareness of the importance of having good strong passwords. 

The Roku leak in particular should be enough to prompt people to review their passwords. The Roku leak was compromised by hackers for the practice of something called “credential stuffing.”

Credential stuffing is when a bad guy gets a password they begin trying the same password on multiple accounts. If a victim uses the same password for Facebook as they do for their bank or credit card accounts, the bad guy suddenly has the passwords for all of those accounts.

The reason people often use the same password for multiple accounts is that they’re hard to remember especially if the passwords match the criteria suggested by experts. The criteria is:

  • 14 or more characters
  • No common words
  • A mixture of uppercase and lowercase letters, numbers, and special characters.

There’s a trick to this though, using two of your favorite movies or songs. Here’s the trick:

  • Think of two songs or movie titles
  • Take the first letters of each word
  • Use upper and lowercase letters. For example, use the correct grammar. Lowercase letters for ‘of, the, and, and a’.
  • You should have a long password such as DotEoTCiLCiA (“Darkness on the Edge of Town” and “Changes in Latitudes, Changes in Attitudes”)
  • Place a number between the song or movie titles and a number. DotEoT8%CiLCiA
  • Since that unique password should not be the same for every account, use the first and last letters of the account to help you remember.
  • For Facebook, it would be “FDotEoT8%CiLCiAk”, for Google: “GDotEoT8%CiLCiAe”, etc.
  • Commit that password code to memory. If you’re at home it’s safer to write it down on a sheet of paper and place it in a book if you need it.

In a matter of a few weeks or months, you’ll remember every unique password for every account. 

If one of your accounts is ever leaked by a company, you’ll just need to change the number or special character. 

This simple trick will protect your accounts. Share it with your kids who are just as likely to use the same password for multiple accounts as baby boomers.