Help me create a new password

CrazyRabbit

TLDR Summary
Got any suggestions for a new password? 8+ Characters with a number included, but not at start/end.

The "I don't have ADHD" version
(Rant bit)
The company I work for insists on using the archaic policy of forcing employees to change their passwords every 90 days, and not allowing the last 15 password iterations to be re-used.

The problem is...the average employee has about 10-15 passwords and I unfortunately have 47 due to my role.

Since it's practically impossible to remember that many passwords and since we're not allowed to write them down, I've gotten into the habit of using the same password for most of the applications/sytems.

(Request bit)
Well, the 90 days is up and I have to choose a new password, but I've run out of ideas for a nice easy-to-remember password.

So dear AH users, please help by offering some suggestions!!!
(Password must be at least 8 characters long and have a number in the middle, but not at the end(??))

Caliden

type it into notepad with your elbow.

/thread.

Mint Sauce

CrazyRabbit wrote: »

TLDR Summary
Got any suggestions for a new password? 8+ Characters with a number included, but not at start/end.

The "I don't have ADHD" version
(Rant bit)
The company I work for insists on using the archaic policy of forcing employees to change their passwords every 90 days, and not allowing the last 15 password iterations to be re-used.

The problem is...the average employee has about 10-15 passwords and I unfortunately have 47 due to my role.

Since it's practically impossible to remember that many passwords and since we're not allowed to write them down, I've gotten into the habit of using the same password for most of the applications/sytems.

(Request bit)
Well, the 90 days is up and I have to choose a new password, but I've run out of ideas for a nice easy-to-remember password.

So dear AH users, please help by offering some suggestions!!!
(Password must be at least 8 characters long and have a number in the middle, but not at the end(??))

What ever number your using now, just use the next number up.

January

Think that's bad, my company made us change our passwords every month. B*stards

Morlar

Caliden wrote: »

type it into notepad with your elbow.

/thread.

How do you magically hit that same elbow combination day after day after day ? Huh huh huh ? ? Seriously though that would work.

drunkmonkey

CrAzY0001 and so on and so forth, in 90 days change it to CrAzY0002, easy;)

fricatus

Y0reMa%*+

Conor108

12345678
next 90 days -> 81234567
next 90 days -> 78123456

And so on.

Fringe

Come up with something memorable. eg banana. Then shift your hands to the right by 1 key so it will come up as nsmsms. It looks like gibberish but you'll remember it.

Caliden

Morlar wrote: »

How do you magically hit that same elbow combination day after day after day ? Huh huh huh ? ? Seriously though that would work.

You learn it off after you've typed it in. duhhhh

Mint Sauce

That last company i worked for it was every 30, 60, and 90 days. With a dozen or so passwords it was hard to keep up with them all.

orourkeda

urma as in Your Ma

Mint Sauce

drunkmonkey wrote: »

CrAzY0001 and so on and so forth, in 90 days change it to CrAzY0002, easy;)

Conor108 wrote: »

12345678
next 90 days -> 81234567
next 90 days -> 78123456

And so on.

He cant have numbers at the beginning or end.

kincsem

YPLWKBSDM
ZQNPRDTSX
HGNMZTBFC
RNMYQFLPX

Just remove the vowels (AEIOU) from the alphabet, and random sort the consonants. Easy to remember too.

YumDeiseMum

Use the name of the month it is when you are changing your password

n0v3mb3r

or an important date that you will remember easily

march17th

AnonoBoy

Here's some hard to crack suggestions for you:

Gandalf
drowssap
pass123
password%
Letmein
CrazyRabbitisCool

airetam_storm

Use KeePass

Wiki wrote:

KeePass Password Safe is an open-source password management utility for Microsoft Windows, with unofficial ports for Linux, Mac OS X, and a variety of other systems.

If you use Linux or OSX use KeePassX

Saila

"Ive_been_f0cked"

MarkR

http://www.onlinepasswordgenerator.com/

Overheal

http://memory-alpha.org/wiki/Command_authorization_code

Brian CivilEng

Think of your favourite song, let's say it is Barbie Girl by Aqua.

Sing the lyrics, and take the first letter from each word.

I'm a Barbie Girl, in a Barbie world. Life in plastic, it's fantastic.

Think of where it got to in the charts, so No. 1.

Your new password,

IaBGiaBwLipif1

KeithM89_old

Just mash your face on the keyboard and use whatever comes up - thats where my passwrord for boards came from

squod

As a rule I always use swear words. That way anyone looking over my shoulder gives themselves away as they giggle or gasp at what I just typed.

CrazyRabbit

AnonoBoy wrote: »

Here's some hard to crack suggestions for you:

Gandalf
drowssap
pass123
password%
Letmein
CrazyRabbitisCool

I'm pretty sure nobody would ever try the last suggestion.

opinion guy

CrazyRabbit wrote: »

The problem is...the average employee has about 10-15 passwords and I unfortunately have 47 due to my role.

47 passwords ?!?
Seriously who needs that many passwords ?

CrazyRabbit

abitofacomedian wrote: »

Think of your favourite song, let's say it is Barbie Girl by Aqua.

Sing the lyrics, and take the first letter from each word.

I'm a Barbie Girl, in a Barbie world. Life in plastic, it's fantastic.

Think of where it got to in the charts, so No. 1.

Your new password,

IaBGiaBwLipif1

Thanks for making me depressed by reminding me that such crap songs can still top the charts. Oh and I can't use numbers at the end.


Oh, and eek, I forgot that another 'policy' is that you can't use 3 consecutive letters used in the last 8 passwords. So I can't just change part of the password.

Thanks everyone for all for suggestions though. I have an idea or two now.

CrazyRabbit

opinion guy wrote: »

47 passwords ?!?
Seriously who needs that many passwords ?

Well I own/support 27 applications, so have Admin passwords for them.
Mail client (Lotus Notes)
Admin username/password for a few webpages I look after on our intranet.
IIP/LDAP authentication for 'common company applications' (Hate this one as the username is the full internet address and no application/website remembers it)
3 Windows logons (Laptop + Primary PC + Test PC)
8 passwords for remote desktop control of our development servers.
DB/2 schema access for reporting.
Electronic payslip.
Asset tracking tool Admin password.

And before long, I'll probably need one to use the toilets.

stoneill

just use random shapes contained in the keyboard.
the last three letters on each row going up and take the fourth letter in on top (in this case R) and go down heading left.

this will give a password mlprdx

first three letters up and 7th row down right
This gives zaqujm

and so on...

expand it to as may characters as needed.

opinion guy

CrazyRabbit wrote: »

Well I own/support 27 applications, so have Admin passwords for them.
Mail client (Lotus Notes)
Admin username/password for a few webpages I look after on our intranet.
IIP/LDAP authentication for 'common company applications' (Hate this one as the username is the full internet address and no application/website remembers it)
3 Windows logons (Laptop + Primary PC + Test PC)
8 passwords for remote desktop control of our development servers.
DB/2 schema access for reporting.
Electronic payslip.
Asset tracking tool Admin password.

And before long, I'll probably need one to use the toilets.

Dude. Just get a new job:D

danniemcq

why don't you change all of them at once but use the same one then for all 47

Royal Irish

I had the same problem OP and I had a system were I would assign each thing I needed a password for a number. In my case it was 6, so it would be 123456, and for the first 90 days my password for 1 would be the name of a girl I slept with and the year she was born, so Sarah1984, and number 2 would be Mary1979, so on and so forth. After the 90 days, Sarah gets moved to number 2, and Mary gets moved to number 3, and number 6, Maryssister1982 gets moved to number 1.

Leeg17

pen15club

PogMoThoin

I have 1 password that I use for my email, lastpass and a few sites like boards etc, all others are completely random generated by lastpass
https://lastpass.com/

Redshift

You need to come up with a password convention, if your current password which you use for everything is for instance apples
then for your applications start making passwords like

laptop@11_apples for your laptop
asset@11_apples for your asset tracker
boards@11_apples for boards.ie

then in 90 days change the two digit number to the month you changed the password in.

laptop@02_apples for your laptop
asset@02_apples for your asset tracker
boards@02_apples for boards.ie

Once you pick a convention known only to yourself it is possible you have a unique complex password for each login that is easy for you to remember, actually all you need to remember is your usual password and in this example your month code.
Obviously make your own variation on this but it works well for me.

pickarooney

Work your way through the list of countries of the world, changing some of the letters to numbers. Too straightforward?

CrazyRabbit

danniemcq wrote: »

why don't you change all of them at once but use the same one then for all 47

I don't get to choose when the expire or when I can change some of them. Oh, and it would be against the ever growing list of security 'guidelines'.

CrazyRabbit

Redshift wrote: »

You need to come up with a password convention, if your current password which you use for everything is for instance apples
then for your applications start making passwords like

laptop@11_apples for your laptop
asset@11_apples for your asset tracker
boards@11_apples for boards.ie

then in 90 days change the two digit number to the month you changed the password in.

laptop@02_apples for your laptop
asset@02_apples for your asset tracker
boards@02_apples for boards.ie

Once you pick a convention known only to yourself it is possible you have a unique complex password for each login that is easy for you to remember, actually all you need to remember is your usual password and in this example your month code.
Obviously make your own variation on this but it works well for me.

Cant use the same 3 consecutive letters from previous passwords. Forgot to mention it in original post. Good idea though.

bothyhead

airetam_storm wrote: »

Use KeePass

If you use Linux or OSX use KeePassX

+1

Create as many as you need - or let it create random ones such as 6UKXZhpbAzvCw1a1EgCS - and assign them a meaningful description. You just need to know one master password to unlock them all. If the website or application that you are logging into has a unique window title, the correct password can be retrieved by a simple keystroke sequence.

p.s. just remember to backup the KeePass database!

Princess Peach

123retard

You should be able to manage that

FoxT

There is a free application called Steganos Locknote ( & there are others as well I am sure, but this works for me) .

- Steganos Locknote allows you to type in text & when you save it, it is encrypted.

- If you need 47 passwds then I suggest you adopt some convention ( many good ideas above) then use Locknote to store them. They are encrypted so will be reasonably safe, unless you work fro MI5 or something.

- rename the locknote file to something innocuous & make a backup of it.

- FoxT

Sanjuro

CrazyRabbit wrote: »

(Request bit)
Well, the 90 days is up and I have to choose a new password, but I've run out of ideas for a nice easy-to-remember password.

So dear AH users, please help by offering some suggestions!!!
(Password must be at least 8 characters long and have a number in the middle, but not at the end(??))

Or you could just leave your job.

CreepingDeath

I imagine someone has come up with a mobile phone app to solve this problem.
Store all the passwords securely on your mobile phone.

But I've heard good things about "LastPass" too, from the excellent computer security podcast "Security Now". Those guys really know their stuff.

the_syco

A sentence from a song you like. Use a number 4 a word, as I have just done.

eg:
Born2befree!

Dravokivich

CrazyRabbit wrote: »

And before long, I'll probably need one to use the toilets.

Jaysus... bastards trying to monitor usage of every last thing...

:pac:

Capt'n Midnight

https://www.youtube.com/watch?v=BOJrmTF3TCs

Just use aaaaaaaa on week 1 and then bbbbbbb on week 2 etc.

CrazyRabbit

Princess Peach wrote: »

123retard

You should be able to manage that

I don't like using my boards.ie password in work.

Sea Sharp

I always use:
"nobody1will1ever1think1of1this"

Not really!

CrazyRabbit

CrazyRabbit wrote: »

TLDR Summary
Got any suggestions for a new password? 8+ Characters with a number included, but not at start/end.

The "I don't have ADHD" version
(Rant bit)
The company I work for insists on using the archaic policy of forcing employees to change their passwords every 90 days, and not allowing the last 15 password iterations to be re-used.

The problem is...the average employee has about 10-15 passwords and I unfortunately have 47 due to my role.

Since it's practically impossible to remember that many passwords and since we're not allowed to write them down, I've gotten into the habit of using the same password for most of the applications/sytems.

(Request bit)
Well, the 90 days is up and I have to choose a new password, but I've run out of ideas for a nice easy-to-remember password.

So dear AH users, please help by offering some suggestions!!!
(Password must be at least 8 characters long and have a number in the middle, but not at the end(??))

No2010ember
Dec2010ember
Jan2011uary

and no I don't use those

wyndham

B1GBOOBZ

B2GBOOBZ

PandyAndy

Started off in my workplace with Password001. Now it's Password037, soon to be Password038 and so on. And it's the same password for every application It's well secure.

Capt'n Midnight

Security depends on where the password will be intercepted

if someone can get at the hash tables then they could see that you use the same password everywhere, in which case insert the name of the system into the middle of the password


It's been shown that forcing people to change passwords frequently means they choose easy to remember ones (ie. ripe for a dictionary attack) and just change a digit / date , usually at the end of the word. ( some users were observed changing passwords 24 times so it could use their original one again )

The advice about using a name of a song , you can ignore as they are also subject to dictionary attacks.

To avoid many of the vanilla dictionaries you could use a misspelt word in Irish, and not a girls name. Then again some older systems ( Lanman ?) remove fada's when generating the hash which kinda sucks big time