July 13, 2012 at 2:53 PM ET
The recent hack of Yahoo Voices exposed hundreds of thousands of passwords (you can enter your email here to see if yours was one of them), and security buffs immediately started digging into the data. What they found is the same thing they've always found: thousands of people using the same incredibly predictable passwords. Were you one of them? No time like the present to learn how to create a secure and memorable password.
First, a quick visualization of the shoddy password-making, courtesy of Sophos Security:
A hacker would naturally try these frequently occurring passwords and fragments before any others; if you have "123456" or "QWERTY" as your password, it's almost as bad as having no password at all. Similarly, public information like your name, birthday, and the like would also be easy pickings.
On the other hand, it's difficult to remember a strong password like "58aw7gk4ek91_4*02" — so how can you strike a balance?
One thing you can do is use a password management program (there are several to choose from depending on your platform) that will create, save, and automatically input passwords to sites and services, and all you have to do is remember one master password. This will help prevent other accounts from being hacked if one is compromised. But you'll still need a good, strong password to access the rest.
Picking a word and a couple numbers isn't enough. You have to throw a few tricks in there. Say your favorite book is "A Tale of Two Cities." Don't pick "dickens456" for your password. How about "@ToTC1859Iwtb0t"? The first letter of each word in the title, the year it came out, and the first letter of the first words in the book ("It was the best of times..."), enhanced with some simple substitutions (@ for A, 0 for o, etc).
Basically, anything that can reduce something you know and can remember to a jumble of letters (upper- and lower-case), numbers and symbols will make a stronger password than just a random word and number. It's not quite as good as a machine-generated, totally random password, but you won't have to spend an hour memorizing it, either.
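The checks described above can be written as a small password audit. This is an added example, not part of the original article; the word lists are constructed samples, and the 12-character and three-character-class thresholds are assumptions rather than figures from the article.

```python
import re

# Constructed sample data: a tiny stand-in for a real common-password list.
COMMON = {"123456", "qwerty", "password", "111111", "abc123"}
FRAGMENTS = ("123", "qwerty", "password", "abc")  # constructed fragments
# Undo the simple substitutions the article mentions (@ for A, 0 for o, etc.).
LEET = str.maketrans({"@": "a", "0": "o", "1": "l", "3": "e", "$": "s"})


def audit_password(password, personal_info=()):
    """Return a list of reasons the password is weak (empty list = passes)."""
    reasons = []
    lowered = password.lower()
    plain = lowered.translate(LEET)  # the password with substitutions undone

    if lowered in COMMON or plain in COMMON:
        reasons.append("common password")
    if any(f in lowered or f in plain for f in FRAGMENTS):
        reasons.append("contains a common fragment")
    # Public information: name, birthday and the like (3+ characters each).
    if any(len(p) >= 3 and (p.lower() in lowered or p.lower() in plain)
           for p in personal_info):
        reasons.append("contains personal information")
    # The "word and a couple numbers" shape, e.g. dickens456.
    if re.fullmatch(r"[A-Za-z]+\d{1,4}", password):
        reasons.append("a word followed by a few numbers")
    # Count lower-case, upper-case, digit and symbol classes present.
    classes = sum(bool(re.search(p, password))
                  for p in (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]"))
    if classes < 3:  # assumed threshold
        reasons.append("fewer than three character classes")
    if len(password) < 12:  # assumed threshold
        reasons.append("shorter than 12 characters")
    return reasons


if __name__ == "__main__":
    for candidate in ("123456", "QWERTY", "dickens456", "@ToTC1859Iwtb0t"):
        print(candidate, "->", audit_password(candidate) or "no findings")
```

An empty result only means the password avoided these specific patterns; it is not a measure of how random the password is.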
Devin Coldewey is a contributing writer for msnbc.com. His personal website is coldewey.cc.