Picking a very secure password
Last day I discovered a vulnerability on my college grades system, not that I want to manipulate my grades, but for the pure pleasure of saying... security, your doing it wrong. the vulnerability consists in that every time a new student gets in they generate a new ID number and assign a PIN, this PIN gets you access to your online profile to see grades, teacher messages and more stuff, this PIN number consists on 4 numbers, adding the other 8 numbers on the ID you get a 12 numbers to authenticate system, now the ID consists on the year of registration, and the other 4 is an student unique ID, what's the vulnerability? well, I myself programmed a bot since there is no captcha, to send request to the login page, and this way I could retrieve thousands of correct PIN's, you can change your PIN but must users doesn't know how to do this, and never do.
So I changed my PIN to a one more secure, that way no bot can guess a 4 numbers PIN. instead of that I used the following technique for choosing a secure password:
Step 1
Choose a phrase that you can remember with easy, for example: "There is a dog in my yard"
Step 2
take only the initial letters: "tiadimy"
Step 3
Replace vowels with numbers: "t14d1my" you can use the following template:
- a -> 4
- e -> 3
- i -> 1
- o -> 0
- u -> 6
Add special Characters, so your password can look like this "#t14d1my:"
Step 5
May users, takes the same password to every account they do, so a quick solution is to add at the end the site the password is for, for example:"#t14d1my:fb "->for facebook"#t14d1my:tw "->for twitter"#t14d1my:mb "->for MoneyBookersAnd so on...
So there you go, choose secure passwords, and get one step ahead from hackers... like me :D