How to make a secure password you can remember
A simple way to make secure passwords that you CAN remember
Start with a phrase (not a word) you will easily remember. Use a line of your favourite song, like “gimmeonereason”. Or the slogan for your fave brand, “engineeredtoexcite” perhaps, or make up your very own slogan, “crazydrivermostlysane”. But that’s just the start, because you can’t use that as a password! That part just makes it easy to remember 😉
Next, add a code unique to the site or service (in case their poor practices reveal your password to someone) and finally add the year (so you can change your passwords regularly without forgetting them). It’s easier than it sounds, I promise!
Say your chosen passphrase is: wateroflovedeepintheground (already thousands of times stronger than most passwords, thanks to the length). That’s very long though, and you might need to type it on your tablet or phone, so maybe shorten it a touch to oflovedeepin (now we've lost some security, but gained some convenience).
When you use it for eBay, for example, simply put the E for eBay in the password. Or better still, LOOK UP! What special character is close to E on your keyboard? Use the hash key. That makes Eoflovedeep#in. I used both the letter E and the nearest symbol which is #. Notice I put the special character before the last word of my phrase rather than at the end of my password? You should do something similar.
So the eBay password is Eoflovedeep#in, but when you go to Gmail, it would start with G: Goflovedeep%in, because the % key is nearest the G for Gmail. A Windows login might start with W for Windows and would therefore be Woflovedeep@in.
Now throw in the year: 14Goflovedeep%in14, for example, for a Gmail password that you created in 2014.
This password series is very, very strong. At 18 characters it’s too long for dictionary attacks and rainbow tables, and very unlikely to be guessed. It’s unique to each site, so if one were compromised by a site’s poor security practice (such as storing it in plain text), other sites’ passwords won’t automatically fail. And when it’s time to change it, simply update the year: 15Goflovedeep%in15.
Most importantly though, all you have to remember is your phrase “oflovedeepin” which you chose from your favourite song, and a few simple rules which quickly become second nature.
- Stick to your password phrase and rule religiously to avoid confusion. The same simple rule for every password.
- Have an element you can change regularly instead of the whole password (like the year the password was created, which incidentally also helps remind you to update it regularly).
- Have an element that adds uniqueness for each site (like the letter the site begins with).
- 12 characters minimum – but that’s easy with a phrase.
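
The rule above, written out as an added example (this code is not part of the original post). It assumes a US QWERTY keyboard and reads "nearest symbol" as the shifted number-row key in the same column as the letter, which reproduces the three examples in the text; the function names are made up for illustration. The last function lists sites that share a first letter, since under this rule they end up with the same password.

```python
from collections import defaultdict

# Assumption: US QWERTY layout. The symbol "nearest" a letter is taken to be
# the shifted number-row key in the same keyboard column, which reproduces
# the post's three examples (E -> #, G -> %, W -> @).
LETTER_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm")
SHIFTED_DIGITS = "!@#$%^&*()"
MIN_LENGTH = 12  # the post's stated minimum

def site_letter(site):
    """First character of the site name, upper-cased; must be a letter A-Z."""
    first = site.strip()[:1].lower()
    if not any(first and first in row for row in LETTER_ROWS):
        raise ValueError(f"{site!r} does not start with a letter A-Z")
    return first.upper()

def nearest_symbol(letter):
    """Shifted digit in the same column as the letter (hypothetical helper)."""
    for row in LETTER_ROWS:
        col = row.find(letter.lower())
        if col != -1:
            return SHIFTED_DIGITS[col]
    raise ValueError(f"no key for {letter!r}")

def site_password(phrase, site, year):
    """YY + site letter + phrase with the symbol before its last word + YY."""
    words = phrase.split()
    if len(words) < 2:
        raise ValueError("phrase needs at least two words")
    letter = site_letter(site)
    yy = f"{year % 100:02d}"
    body = "".join(words[:-1]) + nearest_symbol(letter) + words[-1]
    password = f"{yy}{letter}{body}{yy}"
    if len(password) < MIN_LENGTH:
        raise ValueError("shorter than the 12-character minimum")
    return password

def shared_letter_sites(sites):
    """Group sites that start with the same letter: the rule gives each
    group one identical password, so the site element is not unique there."""
    groups = defaultdict(list)
    for site in sites:
        groups[site_letter(site)].append(site)
    return {k: v for k, v in groups.items() if len(v) > 1}

if __name__ == "__main__":
    for s in ("eBay", "gmail", "windows"):  # the post's three examples
        print(s, site_password("of love deep in", s, 2014))
    print(shared_letter_sites(["eBay", "Etsy", "gmail"]))  # constructed list
```
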