Tips on secure passwords

• Don't use easy-to-guess passwords such as "password," "1234," your username or any word that appears in a dictionary.

• Don't use your pet's name, street address, date of birth, mother's maiden name, nickname or anything easily identifiable and thus easily guessed.

• Do combine numerals and letters. Use upper and lower cases along with special characters such as the exclamation point, if permitted.

• Do create longer passwords for the most sensitive sites. For example, consider 16 characters for banks, six for news sites.

• Do create strings that appear random to others. For instance, think of a phrase like "Mary had a little lamb." Then start your password by using only the last letter of each, as in "ydaeb," or only the consonants, as in "mryhdlttllmb." Then insert numerals or special characters. Mix it up by making every other letter upper case, as in "yDaEb."

• Don't write your passwords on sticky notes attached to your monitor. If you do write them on paper, keep them in a secure place such as a wallet or safe.

• Do encrypt computer files you use to store passwords. Use Pretty Good Privacy or other encryption systems, including ones built into some Windows systems and Macintosh OS X.

• Do avoid reusing passwords at different sites. But if you must to remember them, share passwords only for low-risk uses such as newspaper registrations.

• Do change passwords any time you have a reminder sent via e-mail. Delete the e-mail immediately.

• Do change passwords on a set schedule, such as the first day of spring, summer, etc.

• Do guard your e-mail password, as that can be used by others to obtain "reminders" for other passwords. Change it after visiting insecure locations like cybercafes. Thwart keystroke-capturing software by typing the entire alphabet and cutting and pasting one letter at a time to form your password.

• Do create a system for remembering passwords without having to write them down. For instance, begin with your random-looking string, such as "yDaEb" and add a constant you memorize, such as "4!5." End with something related to the Web site, such as the first four consonants of the domain name.