Designing Good Passwords

Life in the 21st century is pretty good: Supermarkets are increasingly stocking organic foods, there are high-quality TV shows like The Simpsons, The Sopranos, and The Office, and scientists are discovering promising treatments for many diseases. But modern life is not without its drawbacks.

Think, for example, of passwords. Everywhere you turn, it seems that you're being asked to create, remember, and regularly change a unique password. You know it's for your own good to do so, but it's just not so easy to do.

This was a topic that recently came up on our Liquid Lounge discussion board. Fool Community member theGreenMartian posted a link to an article on how someone had his entire retirement account stolen from his brokerage, when someone used his password.

You can read the entire discussion here, but permit me to focus on one of the topics it covered: passwords. Board denizens offered some great advice on password management that I'd like to share.

TMFKitKat shared some of TD Ameritrade's advice on passwords, such as making them unique (example: "Il9vemyd1g") and changing them every 30 days.

Eaglehaslanded responded with thoughts that echoed mine: "Does anyone else find this completely ridiculous? Change it every 30 days to a random combo of letters and numbers with no meaning to you, and remember them. Oh, and change them on every account you have -- I can think of probably 12 or 15 financial accounts that I have Web access on."

TheNajdorfDefens countered with some great advice: "There are many simple techniques you can use. ... One idea is your nickname, any state [where born, etc.], year went to college, etc., so like [caps sensitive]: eagleNEVADA42 would be one that would be easy to remember and very hard to hack. If you wanted to keep that, just add 1 to the 42 every month ... so you would always get it within 2-3 tries if you forget."

OgreActive suggested picking a key on your keyboard and then making a circle around it, adding in a punctuation mark or two, if one doesn't already appear. So if you picked L, for example, a circle around it might include O, P, :, >, <, K, and I. The resulting password could be LOP:><KI, which you could further enhance by changing the case on one or more characters.

Others chimed in with their own thoughts and suggestions. UsuallyReasonabl noted that "E*Trade offers some kind of digital security ID. They send you this thing, and evidently it gives you a number that you have to enter to get into an account. This seems like a nice additional level of security, although I would prefer a hardware key that plugged into my USB port."

Gocanucks shared a recent news item that TJX (which includes T.J. Maxx, Marshalls, HomeGoods, Bob's, and A.J. Wright stores in the U.S.) had a lot of confidential customer information stolen. It's not alone -- such stories have been in the news a lot. (Fortunately, credit card losses are capped at $50 per government edict. Read more about the perks of plastic.)

Do you have any password tips to share? Do so on our discussion boards.

Meanwhile, learn more in these articles:

• Win the War Against Identity Theft
• Is Your Password Too Good?
• Paris' Privates Exposed

For more money-saving information, tips on great deals, and general investing guidance, take advantage of a free trial of our new Motley Fool Green Light newsletter service. I think you'll like what you see.

Longtime Fool contributor Selena Maranjian does not own shares of any companies mentioned in this article.