How To Create Strong Passwords You’ll Remember

ChubbyFrog says on June 19th, 2007 at 11:31 am

When creating strong passwords, using special characters, mixed case, and numbers in your passwords makes the task more difficult, but the best defense against your typical password cracks is length. This is the key to creating a really strong password that is easy to remember. Forget the password, use a pass phrase. Favorite quote, favorite lyrics, anything.

“This is my website password!!!”

Swap out the word “website” with whatever you’re protecting, such as “e-mail” or “banking” and you have a pretty good system for remembering all your passwords, while keeping them strong.

The only drawback is that there are still some websites that still inexplicably put length restrictions on their passwords. This may imply that they’re not scrambling (hashing) your password before saving to their database. Consider this a security red flag.

ChubbyFrog says on June 19th, 2007 at 11:33 am

Oops. My comment above should have read:

“makes the task of cracking the password more difficult”

Sallie says on June 19th, 2007 at 12:11 pm

My favorite trick is to use lines from songs, and then work numbers and symbols into that.

i.e.
“I want to be a part of it, New York, New York”

could be iw2bapotnyny

Sallie says on June 19th, 2007 at 12:12 pm

oops…

make that iw2bapoinyny

Eric says on June 19th, 2007 at 12:30 pm

I like using a mixture of names interlaced with a number and symbol at the end. For example, if you name was Bill Jones and your street number was 123, you would use:
BjIoLnLes123! This method works great for me and seems darn-near unhackable in the period of one life time by even the best software because it appears random and is not made of words in a dictionary. It looks hard to remember, but once you start using it, your fingers will remember the sequence, even if you don’t.

Peter says on June 19th, 2007 at 12:30 pm

I do the same as Sallie, but instead of songs, I use memorable quotes (from my personal life).

After abbreviating I l33t it out to make it stronger.

I think, therefore I am => ittia => 1tti4 (well, you have to remember, which letter is l33ted, and which is not)

I don’t use symbols and some letters, because most of the computers I get to use have multiple layouts installed, so if I don’t pay attention, I would mix them up (y and z are swapped on many layouts, not to mention azerty keyboards).

David Engel says on June 19th, 2007 at 12:40 pm

I came up with a list of 10 chronological life events which I would not forget and I could encode into a 4-character string (for example, high school graduation could be gh07 for “Graduated High school in 07″).

Then an 8-digit code can be memorized as a 2-digit number, and I can put the question which leads to this 2-digit number in plain text/site. Even if you are geeky enough to realize that the question “What is 6 times 9?” gives 42 for an answer, you still need to know what 4-character strings are associated with life event 4 and 2.

Then to make it more interesting, I hold down the shift-key for one or the digits, so the gh07 becomes GH)&.

Brad Isaac says on June 19th, 2007 at 2:27 pm

This isn’t bad.

But I posted a “lazy” password system that can withstand a brute force attack.

Tommy Jensen says on June 19th, 2007 at 2:38 pm

I just find any random generator (search Google) and then have it generate a random password, such as d3F8EnHj. Then I figure out some sentence that can be used to give it meaning.

Such a sentence might be “did 3 Frenchmen 8 Englishmen need Homers jokes”. The trick is to replace any capital letters with proper nouns – it will then seem easier to remember which should be capitalized.

Satya says on June 19th, 2007 at 2:57 pm

I try not to use special characters because I have this suspicion that some web forms may silently drop them.

Martin says on June 19th, 2007 at 5:47 pm

You could try using http://www.passpub.com to generate strong unique passwords in a range of memorable formats i.e. map ref – A12B34, post code – DF47HJ and keycombos which use pairs of keys placed next to each other on the keyboard – 34YUGBsx.

Athol Kay says on June 19th, 2007 at 6:23 pm

And for the love of God people, stop using the name of your dog as a password.

Chris says on June 19th, 2007 at 9:22 pm

One of the first “rules” of strong passwords is not to use personal information – information that can be guessed. Your child’s birth dates and initials are personal – if someone knows you and wants to get into your files, they could use this information, drop it into a brute force password cracker, and whala.

John C. says on June 20th, 2007 at 8:53 am

I use abbreviations of street addresses from long ago places I lived or worked. For example, if I had worked at the White House, 1600 Pennsylvania Ave would become “1600PaAveDC20001″ Passwords can be improved further by including special characters “!600Pa@veDC20001″ Passwords can be shortened as well by dropping the zip. Another method is using license plates from long ago vehicles with the state i.e. “NYabc1234″.

bc says on June 20th, 2007 at 12:00 pm

Think “pass-phrase” not “pass-word”.
I collect useful, short phrases, from writers I like, or phrases that seem helpful which I find much easier to remember. I purposefully try to find phrases which make me feel better or aim at my goals as well.
Then, use the first letters of each word, and all of the sentence punctuation, to make a memorable “password” which is also impossible to guess.
Examples — I love logging into my computer remembering this one from Buddhist teacher Thich Nhat Hanh:
“Breathing in, I know that I am breathing in.” which becomes “Bi,1kt1abi.”
I make some substitutions, like the number “1″ for the capital “I”, and use the correct punctuation, and Bob’s your uncle, you end up with a great and very memorable password.

Oxide says on June 20th, 2007 at 1:06 pm

I use a similar algorithm based password.

I posted details over at http://everythinghurts.com/sen.....trategies/

Wolfger says on June 20th, 2007 at 3:46 pm

Use a secure “wallet” to store your passwords in. Put an easy to remember pass on your wallet, and then you can use incredibly strong (and impossible to remember) passwords for everything else. Just don’t lose that wallet.

Dr. Woo says on June 22nd, 2007 at 5:02 pm

My method for password generation is pretty solid, even though you’re not really memorizing a password so much as a keystroke.

This only works if you’re a “home row” typist, as in keeping your fingers over ASDF JKL; when typing.

Take a phrase or a pair of words (pair of words works best in my experience) and type it out, one word in all caps. The best way to pick a caps-word is to use one that you can type with one hand. For example:

negativeJOLLY
makeshiftASTRA

Now shift your fingers up and to the left so that ASDF JKL; becomes QWER UIOP and type it again.

negativeJOLLY: h3tq58f3U(OO^
makeshiftASTRA: jqi3wy8r5QW%$Q

Makes for extremely secure passwords if you always use a standard English keyboard pattern.

zmafrgoe qikmtewdy says on July 6th, 2008 at 7:54 pm

dpucfq hfgj nkfwjobhp qcvnrixf nwuahty iqptg amvlkp

Mo Desto says on January 16th, 2009 at 1:41 am

Dr. Woo: GRAND idea. I will use that for the rest of my un-natural life! Thanks

trungsten says on July 31st, 2009 at 9:11 am

Not so strong passwords.. I researched about this, and I found a blog http://read-me-dot-text.blogspot.com/ that provides the tips and steps to be done to create strong passwords. Hope this blog will be helpful.

trungsten says on July 31st, 2009 at 9:11 am

Sorry. the site blog is http://read-me-dot-text.blogsp.....words.html