Quick! Change your password! Or don’t!

There’s been a breach and this one’s serious. The bug has figured out how to obtain a copy of the metaphorical front-door keys to your data, to use whenever it wants. And people are very clear on one thing: you either should or should not change your password in response.

I view these calls to alter passwords the way most people in the office view fire alarms: we assume that if it were actually a real fire, they would announce it some other way. That alarm is for drills. The Internet is the boy who cried “Change your password.”

And, frankly, the bug is welcome to my passwords. If it can remember all my passwords, it’s a better soul than I. I can barely remember what I decided my First Love was when Bank of America asks for it. The other day I tried to log in to my old AOL account and it asked for the name of something I would always hate. For several harrowing hours I sat there wondering what 8th grade me had been so convinced I would always hate. Three-ring binders? N*SYNC? Finally I typed “Jar Jar.” I was right, but all in all it is not a process I would recommend.

If you do decide to change it, the road will not be easy. Passwords are impossible. They are either memorable or secure, never both. Like childhoods. Still, here are some tips.

Good passwords:
• Based on something you’ll always remember. For instance, the date of that thing. What was that thing? You know, the thing.
• Powerful incantation that stops anyone who tries to steal it.
•Letters that spell something (YU1my$? D9UmyNFO! Good luck remembering whether you chose to capitalize them or not.)
• Notes addressed to the people trying to steal your password that play powerfully on their pity, in a few characters

Bad passwords:
• The secret pseudonym you’ve been using for the past eight years to write Twilight fanfiction
• The name and number of your favorite child
• Which of your relatives you hope dies first and at what age
• Exactly the same password you used last month, with the number increased by one. (Although this does help you find yourself in time, if your life is boring and your surroundings do not change much.)

Once you have one:
• Hire a Royal Password Carrier to follow you around and whisper your passwords in your ear. They can be as secure as you like! Be sure to pick someone who is unlikely to die soon, and do not let him taste your food if you have any doubts about it.
• Name a star after your password. That way, if you forget, you can call the hotline and say something casual like, “Just checking on my star” or “You know, proud star poppa here, just wanting to know how my little sun’s doing.”
• Name a child after your password. That way, if you forget it, you’ll have someone there to remind you! If he’s still speaking to you, that is.
• Tattoo your password somewhere private, but still accessible at work. Lower back works.
• Get yourself hypnotized so that whenever you see a password box you type in the requisite alphanumeric characters. Now you can get one of those secure but impossible-to-remember passwords that only a computer could love.

Got one? Secure, memorable, and stored somewhere you’ll remember it? This is the networked equivalent of finding your true love holding the Holy Grail balanced neatly on one hand as he plucks a needle from a haystack with the other. But you did it! Well done.

Now change it once a month.