Several years ago a customer and I were discussing password security and he gave me a simple idea to create strong web passwords that appear to be random. I've now been using the idea successfully for years.

His idea was simply to create a *formula* for your password. This formula should contain elements that are easy for you to remember and should use something unique about each system it will be used on. When considering web passwords, it's pretty easy to come up with a formula.

For example, here's a formula I came up with just for this article.

First 2 letters of your last name (uppercase) + Third digit in the year you were born + Last 2 letters of a website's domain name (lowercase) + Fourth digit in the year you were born + First 2 letters of your first name (uppercase)

At first, this might seem like a difficult formula to remember, but it's based on a pattern that makes sense to me. Create your own formula and the result will be a password that seems random but is easy for you to remember.

Set up the formula so that you always end up with between 8 and 10 characters, since most websites will accept that length.

Using the formula above, I get the password “DA7re6JO” for this domain. You, of course, will get something different. But don't use my formula; come up with something else that makes sense to you.
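The sample formula above written out as code, as an added example that is not part of the original article. The name, birth year and sites are constructed inputs chosen so that the first result matches the article's sample, and treating "domain name" as the label just before the top-level domain is an assumption.

```python
from urllib.parse import urlsplit


def site_label(site: str) -> str:
    """Return the label before the TLD, e.g. 'bookstore' for www.bookstore.example.

    Assumption: the TLD is a single label; suffixes such as 'co.uk' are not handled.
    """
    host = urlsplit(site if "//" in site else "//" + site).hostname or ""
    labels = [part for part in host.split(".") if part]
    if len(labels) < 2:
        raise ValueError(f"cannot find a domain name in {site!r}")
    return labels[-2]


def formula_password(first: str, last: str, birth_year: int, site: str) -> str:
    """Apply the article's sample formula to one site."""
    year = str(birth_year)
    if len(year) != 4 or not year.isdigit():
        raise ValueError("birth year must have four digits")
    letters = [c for c in site_label(site) if c.isalpha()]
    if len(letters) < 2 or len(first) < 2 or len(last) < 2:
        raise ValueError("each name and the domain need at least two letters")
    password = (
        last[:2].upper()                  # first 2 letters of last name
        + year[2]                         # third digit of birth year
        + "".join(letters[-2:]).lower()   # last 2 letters of the domain name
        + year[3]                         # fourth digit of birth year
        + first[:2].upper()               # first 2 letters of first name
    )
    # The article asks for 8 to 10 characters; this guards edits to the formula.
    if not 8 <= len(password) <= 10:
        raise ValueError("formula result is outside the 8-10 character range")
    return password


if __name__ == "__main__":
    # Constructed inputs, not the author's real details.
    for site in ("https://www.bookstore.example/login", "mail.example"):
        print(site, formula_password("John", "Davis", 1976, site))
```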

You can get even more creative and come up with something that would not make sense to anyone, even someone who found multiple passwords on different systems. For example, create a pattern based on letters from your favorite phrase or positions (page, line, word, character numbers) from your favorite book.