Saturday, November 20, 2010

A simple way to design a secure password

Since we can access many of our belongings - from email accounts to bank accounts - online, it is important to have strong passwords.

When setting a password, two conditions should be satisfied:
1. the password for each account should be hard to guess, and
2. the password for each account should be different.

Condition 1 is obvious. A lock is useful only if it is hard to pick. A human being may try to break the password by using common personal information such as a family member's name. A computer can search through a dictionary of words and strings such as '123' that are commonly used in passwords (for example, see http://www.foxnews.com/scitech/2010/01/26/common-internet-passwords/).

Condition 2 says that you should not use the same key for all your locks, even if the key itself is secure (i.e. the password is hard to guess). If one account is compromised, for example an email account, then your bank account with the same password also becomes vulnerable.

The challenge with setting good passwords is that most people (including me) find it hard to remember many different passwords. To get around the problem, a person can design a simple rule to set multiple passwords. In order to meet both conditions above, the password creation rule must use two elements: 1. A personal key, and 2. A key that is unique to the account name.

For example, I am Arnab and I want to set a password for my Yahoo account. I could use a password 'ArnabYahoo', except that it would be predictable. But if I used a personal key 'alaihy' (which I can remember easily because it uses the first letters of the song "As Long As I Have You"), and replaced each letter of Yahoo with the next letter to obtain 'zbipp', and created a password by alternating the letters of the two keys to obtain 'azlbaiiphpy', then the password would be hard for a stranger or a computer to guess. The password for Google would similarly be 'ahlpapihhmyf'.

The above is just an illustrative example. There can be infinite variety in the ways in which a person can choose personal and account-specific keys and combine both. Depending on your appetite for complexity and your need for security, you can design a simpler or harder rule.

The vulnerability of the above approach is that if someone knew passwords from a number of your accounts, then the person could potentially uncover the rule you are using to design passwords. But the effort required to collect multiple passwords and uncover your rule is significantly higher than guessing/discovering one simple password.
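The rule from the Yahoo and Google example, together with the weakness described in the last paragraph, as an added Python sketch that is not part of the original post. The function names are made up for illustration, and wrapping 'z' to 'a' and passing non-letters through unchanged are assumptions the post does not spell out; comparing two derived passwords index by index shows which characters never change between accounts.

```python
from itertools import zip_longest


def shift_letters(name):
    """Replace each letter with the next one in the alphabet."""
    out = []
    for ch in name.lower():
        if "a" <= ch <= "z":
            # assumption: 'z' wraps around to 'a'
            out.append(chr((ord(ch) - ord("a") + 1) % 26 + ord("a")))
        else:
            out.append(ch)  # assumption: digits and symbols pass through unchanged
    return "".join(out)


def interleave(first, second):
    """Alternate characters of two strings; the longer one's tail is kept."""
    return "".join(a + b for a, b in zip_longest(first, second, fillvalue=""))


def derive_password(personal_key, account):
    """The post's rule: personal key interleaved with the shifted account name."""
    return interleave(personal_key, shift_letters(account))


def constant_positions(passwords):
    """Map index -> character for positions identical across all passwords."""
    shortest = min(len(p) for p in passwords)
    first = passwords[0]
    return {i: first[i] for i in range(shortest)
            if all(p[i] == first[i] for p in passwords)}


if __name__ == "__main__":
    key = "alaihy"  # personal key used in the post
    derived = [derive_password(key, site) for site in ("Yahoo", "Google")]
    print(derived)
    # Characters that stay fixed across accounts are the reusable part of the rule.
    fixed = constant_positions(derived)
    print("".join(fixed[i] for i in sorted(fixed)))
```

With only these two passwords, every even index is constant and spells out the personal key, so a longer personal key or a less regular way of combining the two keys leaves less of a visible pattern.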

Sunday, November 07, 2010

Snapshots

Sharing a collection of pictures I have taken over the years...

 The yellow flowers above are from the Anza Borrego desert state park. The flowers eclipse the sun, which gives them the 'halo'.
 Gerbera daisies from my potted flower garden.
 Hydrangeas. Not from my garden :)
 Some fallen twigs with a few leaves attached.
 From a memorable trip to Mt. Olympic national park. The beach was amazing... unique in its own way. This was a Thursday afternoon with few people on the beach.
 Portland rose garden.
 Portland...
 More Portland rose...
 And more...
 You guessed it. I like flowers. Roses in particular.
A shot of Mt. Rainier from the plane. My wife worked in Redmond, WA while I completed my PhD in Houston, TX. This was a familiar sight from the window as the plane approached Seattle.
 
Big Bend National Park. The wall on the left is Mexico. The one on the right is the United States. In between flows the Rio. Amazing spot to visit. This one is stretched on my desktop as a wallpaper right now. Makes me feel like I am staring down at the reflection of the cliffs in the clear, calm water.
 A solitary tulip from Skagit Valley, WA. In spring, the tulip fields are in bloom, and the valley is bursting with color. We were there on a cold, rainy day (so characteristic of the region). And it was pretty awesome then. On a bright day, I imagine it would be heaven.

(If you use these pictures, please cite the source.)