How To Easily Remember A Different Password For Every Site

Everyone knows that one of the best ways to protect yourself from online security disasters is to use a different password for each account. But do you do it? Probably not, because at first glance it looks like an unreasonable burden, having to either remember dozens of unique passwords or having to keep them all written down somewhere (which in itself is a security risk). The website offers a simple way to create a unique, easy to remember password for every account.

Step One

First, rather than remembering a word for your password, remember a phrase instead. For example:

“I Have Way Too Many Passwords To Remember”

Then take the first letter of each word as your password, so…

I Have Way Too Many Passwords To Remember”

would be: ihwtmptr

This makes your actual password look very random. Alone, this would be a pretty secure password.

Step Two

Say you need a password for your bank (ex. Wells Fargo). Just take the first letters of the name

(Wells Fargo = wf) and add it to your password:


Or another example, if you need a password for Facebook:


This way your password is different for every site, is secure, and all you have to do is remember one phrase!

We saw a similar article in the latest issue of the hacker digest 2600, although the author in that piece suggests using the lyrics to a favorite song or poem you’ll never forget—in his example, the classic Ice Ice Baby: “Alright stop, collaborate and listen, Ice is back with my brand new invention” becomes ascaliibwmbni. From there, you can add in letters unique to the website as in the example above, and/or replace letters with special characters or numbers.

Using either method, you should be able to replace that one, overused password with a bunch of unique ones that aren’t easy to guess and are resistant to brute force cracking, without taxing your memory much more than before.

Update: I mentioned above that you can add special characters or numbers if you like. As several readers point out in the comments below, it’s not so much an “if you like” option as it is a requirement if you really want to create a strong password. Another point worth mentioning is the above example is really mainly for illustrative purposes, and you should find a more obscure way to add letters to your base “word” than just appending the site’s initials, which can be too easy to figure out. Be sure to read the comments below for several suggestions on how to improve the examples above.

“Remember Just One Password That’s Unique For Every Site” []
Winter 08-09 Issue [2600 – The Hacker Quarterly]

Want more consumer news? Visit our parent organization, Consumer Reports, for the latest on scams, recalls, and other consumer issues.