good passwords

there are many rules that should be typically followed when choosing passwords:

• easy to remember (without writing down somewhere)


• not dictionary word/words


• resistant to social engineering


• resistant to permutations and combinations that can be arrived at through social engineering


• atleast 7 characters, maybe more for sensitive data


• should not match previous pr other currently held passwords


• contains a mix of upper- and lowercase alphabets, numbers, and symbols

the day has arrived when i need to add one more to them:

• should be possible to be typed on a cellphone

this rule is apparently the hardest one to keep, and ends up being the deciding factor on my selecting a password. as it is, finding a password that fits the rules above is pretty hard, and a password that satisfies those rules is, almost by extension, hard to type on a phone.

as a result, most of my current passwords will probably not change till i get a new phone - i've invested too much time into getting them right for me to throw them away for any other reason.

sometimes i wonder why i go to such lengths to justify my laziness.

btw, for the bordering-on-obsessively-curious, here's a list of the sites i access atleast a few times every week from my cellphone:

• www.gmail.com


• m.twitter.com


• reader.google.com


• www.google.com/ig


• www.hotmail.com


• www.yahoo.com


• www.rediffmail.com


• messenger.yahoo.com


• www.facebook.com


• www.orkut.com