You probably hate all your passwords, just like me. I have tons of them and I use tools like 1Password and KeePass to store them relatively safely behind a master password. I also have a few strong passwords I reuse a little too often, like anybody does. However, I also have some smart passwords which are unique and easy to remember, especially for websites. Without revealing my exact method, I can tell you my formula for easy-to-remember, unique passwords.
Good programs, websites and tools never store your password. They should always store a ‘reference’ to your password, called a hash. You can recognize these sites because they will never send you your password, even when you use the recovery method. Instead they will send you a new, temporary, difficult(!) password or send you a time-limited link to change it. If a site sends you your password upon request, distrust it and never use a password there that you use for other purposes! If it is hacked, all passwords will be readily available.
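The storage behaviour described above, as an added sketch (not code from this post or from any site it mentions): the server keeps only a salted, slow hash, so it has no password to mail back and issues a time-limited, single-use reset token instead. The function names, the PBKDF2 iteration count and the 15-minute lifetime are assumptions of this sketch.

```python
import hashlib
import hmac
import secrets
import time

ITERATIONS = 200_000          # assumed work factor for this sketch
RESET_TTL_SECONDS = 15 * 60   # assumed lifetime of a reset link

users = {}         # username -> (salt, derived key); the password is never kept
reset_tokens = {}  # sha256(token) -> (username, expiry timestamp)


def _derive(password, salt):
    """Slow, salted hash (PBKDF2-HMAC-SHA256) of the password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def register(username, password):
    salt = secrets.token_bytes(16)  # fresh random salt per account
    users[username] = (salt, _derive(password, salt))


def verify(username, password):
    record = users.get(username)
    if record is None:
        return False
    salt, stored = record
    # Recompute from the submitted password and compare in constant time.
    return hmac.compare_digest(stored, _derive(password, salt))


def issue_reset_token(username, now=None):
    """Return the token for the reset link; only its hash is stored."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    key = hashlib.sha256(token.encode()).digest()
    reset_tokens[key] = (username, now + RESET_TTL_SECONDS)
    return token


def reset_password(token, new_password, now=None):
    now = time.time() if now is None else now
    key = hashlib.sha256(token.encode()).digest()
    entry = reset_tokens.pop(key, None)  # pop makes the token single use
    if entry is None or now > entry[1]:
        return False                     # unknown, reused or expired token
    register(entry[0], new_password)
    return True
```

Because every account gets its own random salt, two users with the same password end up with different stored values.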
But even when they properly store a hash instead of your password, you are not 100% safe either, because hashes can be regenerated from guessed passwords by brute-force attacks or, when you use a stupid password, by a dictionary attack. Both are tried methods and more successful than you would expect.
This is why there are a few tricks. I want to teach you one:
A proper way to avoid a dictionary attack is to make the dictionary ‘bigger’. This is done by using more characters than just a-z and 0-9. A-Z helps, but !^%$#*()_-=+ are even better. But there is another possibility:
What if you choose a strong password and ‘salt’ it, making a new password each time? Let me explain with an example:
Let’s assume you need a password for your Google account. Google has a URL of www.google.com.
You take a part of their address and use it to enhance your password. Let’s assume your ‘strong password’ is ‘starship’ written as *sh1p. (Okay, perhaps a lame example, but let’s stick with it.) And you live in the Netherlands, which has a TLD of nl. Now your easy-to-remember, salted password might be “*sh1p@google.NL”. Likewise your password for Yahoo is “*sh1p@yahoo.NL”. See?
In this example I used a ‘mail address mnemonic’, but you can easily use something else. Perhaps “google-NL-*sh1p” or “*sh1p/NL/google”. Anything is okay and the passwords become pretty decent AND easy to remember.
Let me know if this works for you too!?