Wednesday, January 2, 2008
Numerous incidents of data loss or theft have occurred all through 2007 and before. A recurring cause of these incidents is the human factor. Information Technology these days is quite secure, and scam artists are turning more and more to the human factor as it is much easier to crack than those highly protected IT systems.
If you look at the incidents that happened in 2007, you will notice that most were due to human error: a junior sending CDs with unauthorized copies of databases, mail getting lost, laptops and thumb drives getting stolen, gullible and greedy people getting scammed, user accounts being compromised.
The latter is usually quite easy, as most people choose an easy-to-remember password such as the name of their child, spouse or dog, or their date or city of birth. You would be surprised how many people still keep a post-it note with their password stuck to their screen or in their top desk drawer. Some even store it on their mobile phone.
Some of the rules for a good password:
- You need to be able to remember it without writing it down.
- Do not reuse a password: use a different password for every user account or site.
- Make it sufficiently long and complex so that it cannot easily be 'guessed' or 'cracked'.
To avoid making passwords easy to guess or crack:
- Use a password at least 10 characters long.
- Use a mix of upper- and lowercase letters, numbers and punctuation characters.
- Do not use dictionary words, in your own or a foreign language, forward or reversed.
- Do not repeat characters.
- Do not use personal information such as your name, your spouse's name, phone numbers, memorable dates, your car registration or house number.
- Do not encode dictionary words, substituting letters by numbers ('l' by '1' and 'e' by '3' in 'letter' to '13tt3r').
The secret to making a password memorable and unique is to use a mix of the above techniques with a few memorable and/or imaginary words.
For example, I need a password for my Facebook account. To create this, I will interleave the following ingredients:
- an imaginary word with mixed case: 'sLopAry',
- a memorable number, part of my phone number, namely the middle 4 digits: 1234,
- some punctuation marks: * and ",
- the name 'Facebook'
Then the password would be sLop12*Fcbk"34Ary, composed of:
- The first 4 letters of my memorable word,
- 2 digits of my memorable number,
- the first punctuation mark,
- the consonants of 'Facebook',
- the second punctuation mark,
- the last 2 digits of my memorable number,
- and finally the last 3 letters of my memorable word.
If you apply the same method to your LinkedIn account, you obtain the following password: sLop12*Lnkdn"34Ary
Devise a variation of the above algorithm, using the principles outlined, and you will have your own algorithm that allows you to create a unique password for every site you visit.
It is important to keep a record of all sites where you used this method (not the passwords themselves), as it is imperative that you change all passwords created using this algorithm if one of the sites gets compromised, for whatever reason.
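The following Python script is an added example, not code from the original post. It implements three things the post describes: the interleaving recipe that turns the ingredients 'sLopAry', 1234, * and " plus a site name into a per-site password; a checker for the rules listed above (length, character mix, no immediately repeated characters, no dictionary words forward, reversed or leet-encoded, no personal information); and a small helper that shows how much two passwords built with the same recipe have in common, which is why the post says every password made this way must be changed once one site is compromised. The word list is a constructed stand-in for a real dictionary, the leet substitution table is an assumption, and 'do not repeat characters' is read here as no immediate repeats such as 'aa' or '11'.

```python
import re
import string

# Constructed stand-in for a real word list (assumption: a real checker would
# load a full dictionary, ideally in several languages, as the post advises).
DICTIONARY = {"letter", "password", "summer", "dragon", "facebook", "linkedin"}

# Assumed set of common letter-for-digit substitutions; undoing them lets the
# checker recognise '13tt3r' as the dictionary word 'letter'.
LEET_TABLE = str.maketrans({"1": "l", "3": "e", "0": "o", "4": "a",
                            "5": "s", "7": "t", "@": "a", "$": "s"})


def site_consonants(site: str) -> str:
    """Keep only the consonants of a site name, preserving case ('Facebook' -> 'Fcbk')."""
    return "".join(ch for ch in site if ch.isalpha() and ch.lower() not in "aeiou")


def build_password(site: str, word: str = "sLopAry", number: str = "1234",
                   marks: tuple = ("*", '"')) -> str:
    """The post's recipe: word[:4], 2 digits, mark, site consonants, mark, 2 digits, word[4:]."""
    return (word[:4] + number[:2] + marks[0] + site_consonants(site)
            + marks[1] + number[2:4] + word[4:])


def check_password(pw: str, personal_info: tuple = ()) -> list:
    """Return the rules from the post that `pw` violates (an empty list means it passes)."""
    problems = []
    if len(pw) < 10:
        problems.append("shorter than 10 characters")
    classes = {
        "lowercase": any(c.islower() for c in pw),
        "uppercase": any(c.isupper() for c in pw),
        "digit": any(c.isdigit() for c in pw),
        "punctuation": any(c in string.punctuation for c in pw),
    }
    missing = [name for name, present in classes.items() if not present]
    if missing:
        problems.append("missing character classes: " + ", ".join(missing))
    # Assumption: 'do not repeat characters' means no immediate repeats ('aa', '11').
    if re.search(r"(.)\1", pw):
        problems.append("contains an immediately repeated character")
    lowered = pw.lower()
    decoded = lowered.translate(LEET_TABLE)   # undo '1'->'l', '3'->'e', ...
    for word in sorted(DICTIONARY):
        if len(word) < 4:                     # ignore tiny words to limit false positives
            continue
        if word in lowered or word[::-1] in lowered:
            problems.append(f"contains dictionary word '{word}' (forward or reversed)")
        elif word in decoded or word[::-1] in decoded:
            problems.append(f"contains leet-encoded dictionary word '{word}'")
    for item in personal_info:
        if item and item.lower() in lowered:
            problems.append(f"contains personal information '{item}'")
    return problems


def common_affixes(a: str, b: str) -> tuple:
    """Longest shared prefix and suffix of two passwords: what one leaked password
    reveals about another built with the same recipe."""
    limit = min(len(a), len(b))
    prefix = 0
    while prefix < limit and a[prefix] == b[prefix]:
        prefix += 1
    suffix = 0
    while suffix < limit - prefix and a[-1 - suffix] == b[-1 - suffix]:
        suffix += 1
    return a[:prefix], a[len(a) - suffix:]


if __name__ == "__main__":
    fb, li = build_password("Facebook"), build_password("LinkedIn")
    print(fb, check_password(fb))           # sLop12*Fcbk"34Ary []
    print(li, check_password(li))           # sLop12*Lnkdn"34Ary []
    print(common_affixes(fb, li))           # ('sLop12*', '"34Ary')
    print(check_password("13tt3r"))         # short, weak mix, 'tt', leet 'letter'
    print(check_password("Password123!", personal_info=("1234",)))
```

Running the script reproduces the two passwords from the post and shows that both pass every rule, while '13tt3r' and 'Password123!' are rejected. The common_affixes output makes the post's last warning concrete: 13 of the 17 characters of the Facebook password reappear unchanged in the LinkedIn one, so anyone who learns one of them knows most of the other, and knows the site name fills the gap.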