Randal Stross of the New York Times explains why many experts propose dropping website passwords entirely for a security system based on cryptography.
The best password is a long, nonsensical string of letters and numbers and punctuation marks, a combination never put together before. Some admirable people actually do memorize random strings of characters for their passwords — and replace them with other random strings every couple of months.
Then there’s the rest of us, selecting the short, the familiar and the easiest to remember. And holding onto it forever.
I once felt ashamed about failing to follow best practices for password selection — but no more. Computer security experts say that choosing hard-to-guess passwords ultimately brings little security protection. Passwords won’t keep us safe from identity theft, no matter how clever we are in choosing them.
i find that using simple mneumonics is the best way to create passwords that are virtually unhackable. i used to use my birthday mixed in with other easily identifiable info, and my bank account got hacked into. not fun seeing a zero balance to your surprise when you login to your citibank checking!