Tuesday, October 18, 2011

How to create secure, easy to remember, passwords

You know you should be using secure passwords to protect your online accounts. But the rules for what constitutes a secure password makes it sound like creating and remembering one is a Herculean task that only the brainiest among us with near photographic memories could ever hope to master. But I'd like to introduce you to a fast, simple, and reliable way to create secure passwords that guarantee passwords that are almost completely unbreakable but easy to remember.

First, let's discuss what the general guidelines for a secure password are:

1. Don't use anything under 8 characters
2. Don't use the names of friends, pets, spouses, etc
3. Use a combination of numbers, special characters, and a mix of upper and lower case letters.

Following these three guidelines, you would think that the password Xcv234**%hnjdf-f433438(* is about as secure as a password can get. Surprisingly, though, I consider this password weak in a sense. While it's technically a strong password, it's not too easy to remember, is it? That means that you're likely to write it down, store it somewhere that's easy to get to, or choose a weaker password like 'fluffy35' pretty soon. So, in reality, while the password is indeed hard to break, you are the inherent weakness in its security and, thus, it's not a good password.

Now, let's look at my rules for generating a secure password and see how they compare:

1. Choose three related words that mean something to you.
2. Choose two dates that mean something to you.
2. Choose two 'special characters' that make sense to you

Now, let's see how we can construct a secure but easy to remember password using those three rules:

Three related words that mean something to you: I'm going to choose three cities where I've lived in my lifetime: Odessa, Ottawa, Lake Charles.

Two dates that mean something to you: I'll choose my year of birth and the year I moved to Ottawa: 1974, 1998.

Two special characters that make sense to me: I like the ^ character and the . so I'll use those.

Now, let's put that all together to make a secure password:


As you can see, it's long enough to be safe, isn't a dictionary word, and contains all of the required mix to make it unguessable by human or machine. For most intents, this is a very secure password and it's incredibly easy to remember.

So that's my quick tip on how to easily create a secure password. Using this formula you can mix and match any kind of meaningful information in ways that only make sense to you. The best part is it's easy to remember but impossible to guess or brute force.

What are your favorite ways to generate strong passwords?

No comments: