I work as a System Admin, and i see some big servers. Its horrifying how many have passwords that are easily guessable with a dictionary, or even pass123.
I see end users with better passwords!
I get it, its hard to recall lots of different passwords, and lots of sites, especially with numbers, capitals, punctuation enough to make it secure! So this is what i usually suggest to users.
Use 3 passwords on all sites, and change it regularly (every 3-6 months or when you hear a major site was exploited).
Password 1 is the ‘crappy sites, blogs, news sites etc’ , its your goto every day password
Password 2 is the ‘slightly more important sites, dont really want them easily taken’
Password 3 is your Banking sites, or things that are super important (work etc)
Now you know how many different passwords you have, we can get on to making complex but easy to remember passwords!
Think up a phrase, a saying, a quote from a movie/book, a song, or bunch of things that you like. In this example I’ll use a quote from Harry Potter
“It is our choices, Harry, that show what we truly are, far more than our abilities”
Now to turn it into a password, chose the first (or last, or something) letter from each word. Keep capitalization and punctuation.
This turns it into
Iioc,H,tswwta,fmtoa
Now swap out some letters for numbers (eg e for 3, a for 4, i for 1, o is 0) and now you have
I1oc,H,tswwt4,fmt0a
Pretty good password yeah? now you just need to remember the phrase/quote/song/etc and you have your password!
As a general rule, beware of passwords longer than 12 chars, some sites won’t accept them, so it pays to have a longer one and shorter one just in case.
Now go create your new secure awesome passwords!