Last year, Dov Tenenboim of North Bondi hacked into at least 90 different eBay sellers’ accounts and sold $13,482 worth of non-existent Apple iPods. Last week, he pled guilty. Tenenboim went after eBay users with easy-to-guess passwords - such as those that use their seller name as their password.

When referring to the case, an eBay spokesperson stated the obvious

“What the case highlights is the importance that people need to place in choosing a sensible password,”

What exactly makes for a good password? I read an article once (can’t remember where) that said to do the following:

1. Think of your favorite phrase, quote, or song lyric that’s at least 8 words long.
2. Take the first letter of each word.
3. Substitute numbers for letters.

The example I remember was a Dr. Seuss quote, so I’ll use an Animaniacs spin-off of Green Eggs and Ham:

1. Phrase: “I does not like gold eggs and meat.”
2. Take the first letters of the phrase: idnlgeam
3. Now, substitute some numbers for letters.”i” and “l” kind of look like “1″ and “e” looks like a backwards “3″ so “1dn1g3am”.

The system has been working for me - and since I create my password from scratch with a meaning behind it, I have a greater tendency to remember it.

Is there another solution? I read a few months back that eBay (or, at least, Paypal) was looking into implementig security keys.GearFuse.com posted a picture of these security devices, which generate unique keys every 30 seconds. Users must type in that unique key along with their username and password.

It sounds like a pain to use, but perhaps something like that would reduce the number of phishing scams. If scammers need your randomly generated security key along with your username and password, that may make the stolen data more difficult to use.