By David Gavitt – CMPT 295 Student

Are you struggling with remembering your passwords, which are now required to be complex by many companies? The standard Microsoft password requirement has three rules: Passwords must have at least eight characters. They must contain at least two of the following: uppercase letters, lowercase letters, numbers and symbols. And they can’t contain the part of your email address that comes before the @ sign.

For some, this could be a daunting task, but look no further. When creating a password, just simply think of a phrase that you like, that means something to you or that pertains to the account you are going to be using the password for. For example, let’s use the phrase, “SMCC has a beautiful campus right on the water.” Take the first letter of each of the words, resulting in “Sh@bcrotw.” Another example would be, “1 green apple a day keeps the doctor away.” This results in “1ga@dktDa.” These passwords abide by Microsoft’s password requirements, they are not easily guessed due to the fact that they are not actual dictionary words, and they are also easy to remember due to the phrase we have used to create them.

It is also important to use more than just one password for your accounts. What is the reason for this? If someone were to crack your password, they would know your login information and your password. Most likely you’d have used these credentials somewhere else, such as email or Facebook. Some may think, “Oh, I don’t care. I don’t even use my email — I have nothing to hide.” Yeah, well, if they have access to your email, they will be able to use the “Forgot password” or “Reset password” feature that will then send a link to your email so they can reset it to the password of their choice. Also, they will be able to tell what other types of accounts you have with this email, due to the old or recent mail that companies have been sending to you or updates about your page.

Luckily, some companies are providing options for dual authentication methods. This would include something you have and something you know. For example, you know your password and user account information to log in; they then would ask for an authenticator code to make sure it really is you logging in. Some companies offer mobile authenticators that will provide you with a code that will vary in size depending upon the company. For example, if you have a Steam account, there is an option to enable mobile authentication. This would mean you have to download their Steam app, which would give you your five-digit code. This is important due to the fact that your credit or debit card is often attached to such accounts.

What to take away from this: Complex passwords are not as daunting as they may seem. Think of a phrase that you can recite from memory at any given time (you can alter it slightly for use with different account passwords). Use the first or last letter of each word — some capitalized, some replaced with symbols (@ for a) — and use dual authentication when available.

David Gavitt is currently enrolled in CMPT 295 as a senior seminar student. Visit davidgavitt.com for more will information and questions regarding the article itself.