Want to make your own Passwords and write them down securely?

The method I use was taught by the Monarch Marking Co. so merchants could put the cost of an item on their price stickers.
First think up a 10 character word. Example pathfinder.
(Word must contain no repeated letters)
Then substitute numbers 1 - 0 for each letter. p becomes 1,a becomes 2 - and so forth.
You must never reveal the master PW to anyone.
Then when you write down the PW in your notebook, secure no one can interpret it to gain access. Underline a number to indicate it should be in upper case.
Weakness here punctuation marks cannot be coded. In this case I just write them down plainly. Snoops would still need the rest that remains coded. If you want numbers in your PW just reverse

A method I’ve recommended to those not terribly tech-savvy who just want a way to have their passwords around them, say, on a cork bulletin board, without exposing their accounts, is to come up with a secret meta-rule like inserting a particular character every X number of password characters. With very short passwords this can still be a give-away, but it’s something, at least, and is very easy to remember and use.

1 Like

Somewhere I heard that just padding the end of an easy to remember password, say Monkey123, with 20 or 30 of the same character is pretty effective.

I have to disagree, because in majority that’s one of the biggest password pitfalls: repeating the same character many times in a row:

While it’s not as bad as just a string of 1 character, I’d say it’s too similar to be something fair to recommend to others who may not know better. A meta-rule at least sprinkles it amongst others and because the interval is also unwritten, it affords far higher entropy.

There’s nothing to say a meta-rule has to be a single character, in fact that’s only the absolute simplest possible instance. I would strongly encourage something more complex, but the idea being designed for those not used to such things appeals, I think, in adapting to such a simple use-case with such relatively strong protection, for what it is.

1 Like

You probably got that from Steve:
https://www.grc.com/haystack.htm

1 Like

Not an issue for me since I now use LastPass.