How to make a strong password that you can remember

A strong password is your first line of defense, but can you remember it?

[a blast from the past, the existence of which I hope to remind the Great and Mighty Gods of Mount Googleplex]

There is no way around it: Any computer that is turned on is vulnerable. Having a strong password is not guaranteed protection since, once logged in, you can be tricked, and any programs you execute will be executed with all the permissions you have as a user.

Therefore, take every precaution. Having a strong password is your first line of defense against malicious intruders. Here are the basics:

  • Strong passwords are long passwords. Password cracking software is now very sophisticated and any password that adheres to the other principles outlined below will be easily crackable if it is too short. The length of time it will take to crack a password increases exponentially with each character. Go for at least 15 characters.
  • Mix it up. A strong password is constructed of four components -- upper-case letters, lower-case letters, special characters, and numbers.
  • Make it easy to remember. This is the hardest part. In the absence of a mnemonic, your password is useless. Of course it's not good to base your password on dictionary words, but you may need them.

Base your password on a phrase or sentence, not a word. One strategy is to use the first letter of each word in a sentence that you can easily remember. It could be a song lyric, a line from a movie, a fable, a famous quotation, or just something somebody once told you that stuck.

So you might use, "There was an old woman who lived in a shoe." If we use the first letter of each word, we get ten characters:

"Twaowwlias"

Still not strong enough, but at least we're not using any dictionary words. Now you need to get your mix going. To do this, use codes for letters. For example, the number zero could replace "o"... but even that's too obvious so use the shifted version ")" instead for all your "o"s.

Now we have "Twa)wwlias"

Still not strong enough or long enough. Find an important word and capitalize it. "Woman" seems important. Now you have:

"Twa)Wwlias"... we still need a number. Don't do anything obvious here -- everybody uses "3" to replace "e" and "5" to replace "s," and password cracking programs know this. Instead, let's use "2" to replace "a" since "@" is the shifted "2."

The password is now "Tw2)Wwli2s". We have now satisfied every condition of a strong password except length: we have upper- and lower-case letters, numbers, and a non-alphanumeric character -- and we haven't used any dictionary words. I would actually mix it up more, but it will suffice for the purposes of this post.

It's still not long enough, though. This password would be cracked within hours if not minutes or seconds. We want one that will take days if not weeks. One trick is to use a year to add four more characters. I first heard this nursery rhyme in 1972, so I'll use that, but I'm not just going to tack it on to the end because brute-force password crackers will simply run through every year from 1000 to 2007. We could take 19, flip it, and bracket the rest of the password with the year. So the password now becomes:

"91Tw2)Wwli2s72..." still at least one character weak as we need at least 15 characters. What year was that again? 1972 AD so let's bracket again:

"A91Tw2)Wwli2s72D" That is sufficiently strong to keep the wolves at bay for a while -- still crackable, but it will make them work at it and tie up their processing power for a while.

And our mnemonic is very simple: "There was an old woman who lived in a shoe 1972 AD." Don't write it down. Log in and out a few times until it becomes second nature. Presto.
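
The steps above can be replayed mechanically to confirm each intermediate password and see which rule it still fails. This Python sketch is an added example, not part of the original post; the function names, the `capital_index` parameter, and the 95-character printable-ASCII alphabet used for the search-space figure are assumptions.

```python
import math
import string

def initials(sentence):
    """First letter of each word in the mnemonic sentence."""
    return "".join(word[0] for word in sentence.rstrip(".").split())

def derive(sentence, year, era, capital_index):
    """Replay the article's steps; return every intermediate password."""
    steps = [initials(sentence)]
    steps.append(steps[-1].replace("o", ")"))      # ")" is the shifted "0"
    s = steps[-1]                                  # capitalize one important word
    steps.append(s[:capital_index] + s[capital_index].upper() + s[capital_index + 1:])
    steps.append(steps[-1].replace("a", "2"))      # "@" is the shifted "2"
    steps.append(year[:2][::-1] + steps[-1] + year[2:])  # flip "19", bracket with year
    steps.append(era[0] + steps[-1] + era[1])      # bracket again with "AD"
    return steps

def check(password, min_length=15):
    """The article's rules: length plus all four character classes."""
    return {
        "length": len(password) >= min_length,
        "upper": any(c in string.ascii_uppercase for c in password),
        "lower": any(c in string.ascii_lowercase for c in password),
        "digit": any(c in string.digits for c in password),
        "special": any(c in string.punctuation for c in password),
    }

def keyspace_bits(length, alphabet=95):
    """log2 of the brute-force search space over `alphabet` symbols.
    Assumption: 95 printable ASCII characters. This is an upper bound;
    a password built from a known phrase is less random than this."""
    return length * math.log2(alphabet)

if __name__ == "__main__":
    for pw in derive("There was an old woman who lived in a shoe.", "1972", "AD", 4):
        failed = [rule for rule, ok in check(pw).items() if not ok]
        print(f"{pw:<18} {len(pw):>2} chars  <= {keyspace_bits(len(pw)):5.1f} bits  "
              f"fails: {', '.join(failed) or 'none'}")
```

Each extra character adds the same number of bits, which is the exponential growth in search space described in the first bullet.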

Here's the part that's a drag: Change your password with some regularity. They can all be cracked. (Follow that link -- it's an excellent piece!)

Good luck.
