Passwords: Remembering the unmemorable
How many passwords can you remember? It seems we need more and more of them every day, and memorising a PIN for your one and only cash card now seems a lifetime away. Frankly I struggle to remember a myriad different phone numbers, PINs, logins and passwords. And passwords are a particular problem because we are rightly told we must have a different one for every login, and that they need to be longer and more complex than before. That's because hackers have access to more powerful computers and password-cracking programs than before. Security is a real challenge for anyone who spends a significant part of their life online.
The first hurdle, and the first mistake many people make, is in thinking up a password in the first place. The easy option is to choose something you can already remember, such as your car registration number, your post code, or a birthday. If you're using a login and password in a workplace setting these are too easy for an unscrupulous co-worker to find out or to guess. PayPal, a good example of a site that requires a high-security password, stipulates that it should be at least eight characters, should not be any word you can find in a dictionary, should include upper and lower-case letters, and should include at least one special character - for example the numbers 1 to 9 or a bang = !, a splat = *, an underscore = _, or any others like them.
The next hurdle, and it is a danger many people might not realise, is in choosing a reminder question. A lot of sites, aware that people often forget their passwords, provide an automated reminder service. The problem is they ask an idiot-simple challenge question, often guessable by anyone who knows you, such as, "What is your favourite pet's name?" Those that then admit you to the secure part of the site are a problem. Those that send a password reminder to a previously registered email address are less of a problem, unless an untrustworthy co-worker might have access to your email account.
Writing your logins and passwords down is not a good idea, although I can agree that it could save you a lot of bother if you keep a record of them in a safe place at home. You certainly should not carry them around with you on a piece of paper because if you misplace it, anything could happen. The worst thing you can do is write them down on a post-it note and leave it on your screen which, incredibly, does happen. There are a number of programs that offer to act as a "password vault", but you still have to remember the password for it and they're not much use if you are away from wherever you have it installed. I wouldn't trust those that are based online.
The best solution I have ever seen has been around for a long time already. Back in my days with Cray Research, we were all given a credit-card sized device called a SecurID card. It displayed a four-digit random number that changed every minute. This was generated from a unique seed number and a complex algorithm it had been factory-programmed with. To log onto the company's network you would type in your own PIN and whatever number the card was showing at that time. The secure server at the other end would calculate what number ought to be showing at that precise time, and if it matched, it let you in. It's pretty bullet-proof and used by some of the most security-conscious organisations in the world. And it's so easy to use.
Modern versions now come as small tags you attach to a key chain, and some systems don't even require you to have your own PIN; they can simply use your login. In addition, you can get USB tokens that plug directly into a PC or laptop to gain access to locked programs and data as well as networks.
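To show the mechanism described above in working code, here is an added example (not RSA's code, and not SecurID's proprietary algorithm, which is replaced by the standard HMAC-based time-step scheme of RFC 6238): the token derives a four-digit code from a factory seed and the current minute, and the server recomputes the expected code for that minute, tolerating one minute of clock drift either side, and checks it together with the PIN. The seed and PIN below are constructed demo values.

```python
import hashlib
import hmac
import struct

# Constructed demo values. A real token's seed is burned in at the factory
# and never leaves the device; the server holds a copy keyed by token serial.
TOKEN_SEED = b"example-token-seed-not-for-production"
USER_PIN = "4711"
STEP_SECONDS = 60   # the article's card changed its number every minute
DIGITS = 4          # and displayed a four-digit number


def token_code(seed: bytes, unix_time: int) -> str:
    """The number the card shows at unix_time.

    Stands in for SecurID's proprietary algorithm: HMAC-SHA1 over the
    minute counter, dynamically truncated as in RFC 4226 / RFC 6238.
    """
    counter = unix_time // STEP_SECONDS
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % (10 ** DIGITS)).zfill(DIGITS)


def server_verify(submitted: str, seed: bytes, pin: str,
                  unix_time: int, drift_steps: int = 1) -> bool:
    """Server side: the user types PIN followed by the displayed code.

    The server recomputes the code for the current minute and for
    drift_steps minutes either side (token and server clocks drift), and
    compares both halves in constant time without short-circuiting.
    """
    if len(submitted) != len(pin) + DIGITS:
        return False
    pin_ok = hmac.compare_digest(submitted[:len(pin)], pin)
    code = submitted[len(pin):]
    code_ok = False
    for delta in range(-drift_steps, drift_steps + 1):
        expected = token_code(seed, unix_time + delta * STEP_SECONDS)
        code_ok |= hmac.compare_digest(code, expected)
    return pin_ok and code_ok


if __name__ == "__main__":
    import time
    now = int(time.time())
    shown = token_code(TOKEN_SEED, now)
    print("card shows:", shown, "login ok:",
          server_verify(USER_PIN + shown, TOKEN_SEED, USER_PIN, now))
```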
Wouldn't it be great if a single SecurID card could be used every time you needed a password on any site anywhere?
Find out more about them here: http://www.rsa.com/