
How To Create an Easy to Remember STRONG Password

As more and more of your life moves online, maintaining a secure computing environment is critical. Creating a password isn’t good enough; it needs to be a STRONG password. A common misconception, however, is that a strong password is hard to remember. Not true, and good news for you: today I’ll review how to create easy-to-remember yet rock-solid passwords.

How to choose a good, secure password
  1. A secure password is a unique password.  As tempting as it might be, never use the same password on multiple websites. Sharing passwords between sites is like Russian Roulette.  All it takes is one website hack to ruin your day especially if that password is used across all your online accounts. Add a layer of security to your online footprint by using unique passwords.
  2. Don’t use dictionary words. Yeah I know, your kids are really cute but their names make horrible passwords as do months of the year and cute furry pets. Dictionary words are easy to guess and there’s about a million apps out there which specialize in attacking accounts using dictionary words in all known languages.
  3. Contrary to popular belief, a password written on a yellow sticky note and hidden under a keyboard is not secure. In almost all cases, if the worst happens and you forget your password, you can reset it using your email address.
  4. Use a pass phrase. You mean like an actual phrase? Yes, that’s exactly what I mean! The great thing about a pass phrase is that it’s long, it’s not a dictionary word, and in some cases it’s easy to include special characters which are tough to guess. For example, a password I’ve used in the past was: my laptop is black and ugly! – Wow, a 28-character password that’s easy to remember (I just look at my laptop) and nearly impossible to guess or hack (unless you look at my laptop…). Some services out there, like Twitter, don’t allow spaces in passwords, so you will need to adjust from time to time.
  5. Like most things, passwords need maintenance. In other words, if you’ve been using the same password for a few months – change it. Again, using a pass phrase you shouldn’t have a problem coming up with a simple, unique phrase you can easily remember…
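The first two rules and the pass phrase idea can be turned into a quick self-check. This is an added example, not part of the original post: the sample `WORDS` list, the `UNSWAP` table, the `ASSUMED_DICT_SIZE` of 100,000 and the `audit` function are all constructed for illustration, and it goes slightly beyond the list by also recognising a dictionary word after simple digit-for-letter swaps.

```python
import math
import re

# Constructed sample wordlist; a real audit would load a full dictionary file.
WORDS = {"my", "laptop", "is", "black", "and", "ugly", "december", "becky"}
# Undo common character swaps so "l4pt0p" is still recognised as "laptop".
UNSWAP = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "@": "a", "$": "s"})
ASSUMED_DICT_SIZE = 100_000  # assumption: words in a guessing tool's list
CLASSES = ((r"[a-z]", 26), (r"[A-Z]", 26), (r"\d", 10), (r"[^A-Za-z0-9]", 33))


def audit(password, used_elsewhere=()):
    """Return (findings, estimated_bits) for one candidate password.

    The bit estimates are upper bounds: text chosen by a person is less
    random than the arithmetic assumes.
    """
    findings = []
    tokens = [t for t in re.split(r"[^A-Za-z0-9@$]+", password) if t]
    known = [t.lower().translate(UNSWAP) in WORDS for t in tokens]
    if password in used_elsewhere:
        findings.append("reused on another site")        # rule 1
    if len(tokens) == 1 and known[0]:
        findings.append("single dictionary word")        # rule 2
    if tokens and all(known):
        # Guessed word by word: ASSUMED_DICT_SIZE ** word_count candidates.
        bits = len(tokens) * math.log2(ASSUMED_DICT_SIZE)
    else:
        # Otherwise guessed per character over the character classes used.
        pool = sum(n for pat, n in CLASSES if re.search(pat, password))
        bits = len(password) * math.log2(pool) if pool else 0.0
    return findings, round(bits, 1)


if __name__ == "__main__":
    for pw in ("laptop", "l4pt0p", "my laptop is black and ugly!"):
        print(repr(pw), audit(pw))
```

Under these assumptions a single word costs a guesser about 17 bits of work, while the six-word phrase from rule 4 costs about 100.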

Coming up with secure passwords is quite simple if you follow the steps I’ve outlined. Now go, right now, create a STRONG password and change the passwords on all your online accounts starting with your Facebook and Twitter Passwords.

Do you know someone who could use a little help coming up with stronger, more secure passwords? Do them a favor and share these tips with them today!


20 Responses to How To Create an Easy to Remember STRONG Password

  1. Jim Conkler November 15, 2011 at 5:21 pm #

    Great tip. I spent half the day moving to a pass phrase and altering it a tad for each site using a technique I can’t tell you about. :)

    Thanks for the tip. I’d never thought about a phrase before. Very groovy.

    • Steve Krause November 15, 2011 at 5:41 pm #

      Thanks for the feedback @Jim!

      Glad to hear you liked the Pass Phrase Tip. I’ve been using that trick for years starting about 8-10 years ago when I first discovered spaces are allowed for Windows Active Directory accounts. Our corporate IT guys made us change our password every 45 days and we couldn’t re-use old passwords. The Pass Phrase worked like a charm and several times they made me smile being… no, I won’t tell you what they were but I’ll bet you can figure it out.

  2. Ted November 16, 2011 at 12:02 pm #

    Somebody recommended modifying the name of the website as the password. So on Facebook the password could be myfacebook. What do you think?

    Neither your system nor the one I mentioned above works in many cases where numerals are also required.

    • Brad November 17, 2011 at 8:19 am #

      humm, slightly modifying the website name sounds like it might make it easy to guess. But I think it is good to include a concept from the site into your pass phrase (i.e. “myRambling” instead of “myfacebook”)

      Here are some tips I would recommend in addition to the ideas Steve offered.
      1) Exchange strategic numbers for specific letters within your phrase. i.e. O=0, l or i = 1, E = 3, etc. So “the tall wall” could become “th3 ta11 wa11” – that gets around the required numbers problem and, if you are consistent, is just as easy to remember.
      2) Exchange a punctuation mark like _ or , or . for all spaces – “th3,ta11,wa11”
      3) I’m new here so I don’t want to look like I’m a plant for a password storage app, but these can be *really* helpful. I love the one that positions itself as “the last password you will ever need”.
      4) If you don’t use a password manager, then Steve’s rule 1 (about each one being unique) should be tempered (IMHO) a little bit for sanity. For non-financial passwords, I would group them into categories. So, if you have two or three email accounts, you might be able to get away with using the same password for each. But here you have to evaluate risk vs. convenience.

  3. Alex November 18, 2011 at 10:18 am #

    Quite useful actually. Thanks…

  4. pter November 22, 2011 at 11:38 pm #

    I used a different method to select my password, I start from a sentence like, “The winter is coming but I am ready !” I just take the first letter of each word: Twicbiar!

    That fixes the problem of the maximum 8 characters password.

    What do you think?

    • Steve Krause March 8, 2012 at 7:56 pm #

      Hi Pter – That’s also a great method. It works very well and it’s not a dictionary word so good luck on anyone guessing it. Plus since you used a pass phrase, it should be easy to remember also.

      Nice system.

  5. Catz March 6, 2012 at 9:43 am #

    Wait. What?

    You said NOT to use dictionary words but “my laptop is black and ugly” is 6 words, all of which are found in the dictionary.

    I don’t get it.

    • Brad March 6, 2012 at 1:47 pm #

      Perhaps this is more clear. Do not use a password that can be found in a dictionary. So, “laptop” is not a good password. But the phrase “my laptop is black and ugly” cannot be looked up (as a phrase) in any standard dictionary.

      Still, to be safe, phrases should contain at least 4 words unless you choose to slightly mangle the words in a personally memorable way (as was suggested above). i.e. “th3,ta11,wa11”

      • Ted March 7, 2012 at 4:44 am #

        Is it a good idea to use different passwords for different sites?

        • Steve Krause March 8, 2012 at 8:07 pm #

          Oh yes. Very much so. You should never use the same password on multiple websites even if you come up with a really secure password.

          The main reason for this is because websites get broken into all the time at no fault of you, the end users. Perhaps it’s an inside job where a system admin goes rogue or perhaps the website has a bug in it and the attacker can break in.

          Either way, if they get into the website, your password is normally stored in a database. So if the attacker gets into that database they now have your password.

          Not good…. however this could be REALLY bad if that same password is used on all your accounts over the internet. And REALLY REALLY bad if they now have your email or paypal account….

    • Steve Krause March 8, 2012 at 8:03 pm #

      Hi Catz,

      I perhaps should have elaborated a bit about how hackers go about cracking passwords. Here’s how it works:

      One method hackers use for breaking into accounts is they take an application made for testing passwords and point it at a list of dictionary words in several languages. The application then crawls applications and websites trying common usernames in combination with that list of dictionary words.

      Now the way it works is it tries individual dictionary words, not combinations of them, i.e. phrases. The reason they don’t go after pass phrases is because there are just way way too many combinations of words to put together. I would say impossible and to try them all it would take way way too long.

      So that’s why if you use a Pass Phrase, you will be 99.999% safer than a person who uses a single word like laptop or december or becky or any other name which you can find in a common dictionary.

      Make sense?

  6. AnnT March 9, 2012 at 8:59 am #

    My husband used the last four numbers of his army id to protect his log-in screen. And had the visible onscreen tip as “last 4”.
    Why password protect from your wife of 23 years? Hmmm. I wonder why ….
    I checked. And changed it to “I am a cheat and a liar”. He’ll never figure that one out, but he doesn’t live here anymore.

  7. jifjaf April 5, 2012 at 2:20 am #

    You say above that you think it is a good idea to use different passwords for different sites – do you have any suggestions for how to remember loads of different passwords?

    • Austin Krause March 27, 2013 at 5:03 pm #

      My advice would be:

      Use a passphrase that you can tack the specific service onto.

      The passwords:

      “this is my gmail account password”
      “this is my yahoo account password”
      “this is my bing account password”
      “this is my password i use for crap i dont care about”

      Are all very secure and nobody would be able to guess them unless you use the same username on every site (or somebody very close to you figures them out).

      You could also change up the order though:

      “this is my password for gmail austin”
      “this is my password for bingo smingo”
      “this is my password for wahoo yahoo”
      “this is my password i use for crap i dont care about”

      Just keep it simple, LONG, and easy to remember, then you should be good.

      • Robert Lancaster August 11, 2013 at 6:14 pm #

        Your suggestion has (though to a lesser degree) the same issue as using the exact same password at multiple accounts.

        For example, if a hacker (or rogue admin) finds out that your passphrase at, say, Bing is “this is my Bing password”, they could then try that same passphrase at other sites, replacing “Bing” with the name of each site.

  8. Henry March 31, 2013 at 9:39 am #

    Great tip and completely understandable. I’m going to use it from now on.

    • Steve Krause July 22, 2013 at 9:10 pm #

      Awesome! I’m glad you enjoyed it. Feel free to spread the love by submitting to your favorite social media site.

      The more security ppl out there the better we all are!

  9. J.T. September 25, 2014 at 8:05 pm #

    I used a variation of that scheme since about 2002:
    Steeler beat Browns 27 16 yields password:

    Sbb_2716

    I think with a cap, an underscore and a number or four it’s nearly impossible to crack (well maybe you can crack it, with something on the order of a liquid cooled supercomputer running for 96 hours straight!)
