Which is why I use the "every other character with the <shift> key" part. Those digits, which I agree are easy transformations to automate, become punctuation characters when you use the <shift> key. Does this actually make the final result password more secure? I can't say with any certainly because I haven't done any personal crypto testing myself, but at least we can probably assume it doesn't make them any LESS secure.


I have thought about that. If I only used my desktop computer to access forums and such (where I tend to use the less secure passwords) I would do this. However, KeePass on my Android phone is not as easy to use, nor is the cut-n-paste, compared to a desktop computer. So I just have not made the switch to using KeePass to generate good passwords. I justify this, rightly or wrongly, with my thought process that "I don't really care all that much if my forum passwords get hacked". The consequences for me are minimal, since I don't share those less secure passwords with bank websites and such. Still, I agree it would be better to have super-secure passwords everywhere, no exceptions. I just haven't made that move yet. I should.