What the Tech with Jamey Tucker: Password Hints
Password Hints
Recent data leaks by AT&T and Roku bring some awareness of the importance of having good
strong passwords.
The Roku leak in particular should be enough to prompt people to review their passwords. The
Roku leak was compromised by hackers for the practice of something called “credential
stuffing.”
Credential stuffing is when a bad guy gets a password they begin trying the same password on
multiple accounts. If a victim uses the same password for Facebook as they do for their bank or
credit card accounts, the bad guy suddenly has the passwords for all of those accounts.
The reason people often use the same password for multiple accounts is that they’re hard to
remember especially if the passwords match the criteria suggested by experts. The criteria is:
● 14 or more characters
● No common words
● A mixture of uppercase and lowercase letters, numbers, and special characters.
There’s a trick to this though, using two of your favorite movies or songs. Here’s the trick:
● Think of two songs or movie titles
● Take the first letters of each word
● Use upper and lowercase letters. For example, use the correct grammar. Lowercase
letters for ‘of, the, and, and a’.
● You should have a long password such as DotEoTCiLCiA (“Darkness on the Edge of
Town” and “Changes in Latitudes, Changes in Attitudes”)
● Place a number between the song or movie titles and a number. DotEoT8%CiLCiA
● Since that unique password should not be the same for every account, use the first and
last letters of the account to help you remember.
● For Facebook, it would be “FDotEoT8%CiLCiAk”, for Google: “GDotEoT8%CiLCiAe”,
etc.
● Commit that password code to memory. If you’re at home it’s safer to write it down on a
sheet of paper and place it in a book if you need it.
In a matter of a few weeks or months, you’ll remember every unique password for every
account.
If one of your accounts is ever leaked by a company, you’ll just need to change the number or
special character.
This simple trick will protect your accounts. Share it with your kids who are just as likely to use
the same password for multiple accounts as baby boomers.
