How To Create A Good Password That You Will Not Forget


Passwords can be a key to many things, for example your emails, your Facebook profile, or your bank account. Did you know that some people still use passwords like “password” or “123456”? Needless to say, it’s dangerous to use one and the same simple password for all of your online accounts. Imagine a hacker cracked that one password. To be safe, you should create unique and difficult to crack passwords.

So do you know how to create a good password? And how can you remember more than one of them? Here are some tips and tricks to maintain individual strong passwords for all of your online accounts.

Know The Characteristics Of A Safe Password

  • it cannot be found in a dictionary.
  • it contains special characters and numbers.
  • it contains a mix of upper and lower case letters.
  • it has a minimum length of 10 characters.
  • it cannot be guessed easily based on user information (birthdate, postal code, phone number etc.)

Create An Easy To Remember Base Password

You can use several techniques to create a good password that you will not forget. Here are some suggestions.

  • Randomly replace letters with numbers, e.g. flirt becomes fl1r7.
  • Pick a sentence, i.e. your passphrase, and reduce it to first letters of each word only, e.g. “Everything I Do I Do It For You” becomes EIDIDIFY.
  • Take a word and reverse spell it, e.g. neighborhood becomes doohrobhgien.

These examples are not very safe. While none of the words can be found in a dictionary, they are still failing other characteristics of a safe password. Try to find a combination that allows you to incorporate all characteristics.

The base password I’m going to use here is “E1d_1D!4Y:)”.

Note that my base password meets all of the above criteria. It cannot be found in a dictionary, it contains special characters, a mix of upper and lower case letters, it is 11 characters long, and cannot be guessed based on my personal information (unless you suspect that I like Bryan Adams).

Be Creative & Think Out Of The Box!

A computer may calculate faster than you and recognize patterns a lot quicker than any human brain, but one thing it cannot do is be creative. That is your great advantage over hacker tools!

As you see, in my password I replaced some letters with numbers or special characters. However, I didn’t use a stiff set of rules. I replaced the “I” with a “1” or a “!”. Using rules for replacing characters, i.e. always replacing an “a” with the “@” symbol, will weaken your password.

Here are some ideas for how you can make it even harder for a hacker to crack your password:

  • Don’t use common substitutions, e.g. @ for A/a.
  • When you have recurring letters within your password, mix your substitutions, e.g. 8 or ( for B/b.
  • Pick a word and touch type it with your fingers in the etpmh (wrong) location. Keep in mind that you may switch keyboard types.
  • Pick a pattern on your keyboard and type it with alternating use of the SHIFT key, e.g. Xdr%6tfCvgz/

Test Your Password

Do you want to make sure your password is indeed safe? [NO LONGER WORKS] The Password Meter will reveal details about the strengths and weaknesses of your password. However, if your password is too long, i.e. too safe, this test will actually fail.


Create Individual Passwords For Every Account

Once you have a strong base password, you can use it to create individual passwords for each of your online accounts. Simply add the first three letters of the service, e.g. “E1d_1D!4Y:)GMa” for your GMail account or “E1d_1D!4Y:)eBa” for eBay.

Be Super Safe

To be super safe, you should have TWO base passwords. They will be used to keep important and not so important accounts separate. You would use one password for sites which hold personal information or credit card details, such as PayPal or GMail. The second password would be used for forums and similar sites that would not be of great harm if hacked. However, the passwords should be equally strong.

Update Passwords Regularly

This is the toughest part. To maintain safety with a strong password, you have to update your password every few weeks or months. The more often, the better. You can do this in several different ways. Here are some ideas that will keep it simple.

Change your base password only:

  • Change the special character substitutions you’re using.
  • Reverse use of upper and lower case letters.
  • Type the password with SHIFT lock turned on.

Change entire password:

  • Change how you identify the account you’re using, e.g. use the last three rather than the first three letters (GMa would become ail or eBa would become Bay).
  • Change the position of the letters identifying the account, e.g. put them to the front or in the middle of your base password.
  • Add the date of when you last changed the password at the back and mark it in your calendar.

In other words, use your human advantage: be creative and think out of the box.

If you don’t feel safe with “easy to remember” passwords, you will enjoy Stefan’s article on 5 Free Password Generators For Nearly Unhackable Passwords.

Do you have any additional tips on how to create a strong password?

Image credit: railking

Comments (26)
  • RAJ KIAN

    earlier i used to use pw as 123456 or even 123456789.
    my frnd use qwertyuiop or zxcvbnm.
    but currently i hv 2 types of pw. or 3.
    for myspace its 7letters then 3 nos.
    fb,twitter etc. its 7+7=14 letters thats very big. Well its combo of 2 words. n i bliv dat its next 2 impossible to crack it.
    oh n the 3rd one is 7letters dats 2nd part of my earlier pw.

    another thing which every1 shud keep in mind. Always make it a point to hv ur pw in CAPITAL LETTERS if u find it difficult 2 remember mix of upper n lower case.
    i use caps. n dey say “hey ur caps lock is on”.

  • Montana

    You know what, these banks & email hosts would be almost completely hacker-proof if they maybe did something where the password was encrypted with two layers of security — one, SSL, the other, an encryption algorithm that uses IP addresses. With so many different IP addresses, and the ability to change them every now and then, it would be hard for hackers to decipher the password.

    • OklyDokly

      So, I’m curious as to why more companies aren’t going the route of OTP + password for authorization…game companies are doing it, some banks are, but not all…

      Sure, you have the risk of losing your OTP generator, but without your password, that OTP generator is useless, and vice versa.

      The fact of the matter is this: Try and try as hard as you might, you will never be able to completely prevent/thwart social engineering. Yes, you can brute force or dictionary hack passwords in some cases, but the vast majority of security compromises occur through social engineering.

  • jay

    i use my dob as my password, easy to remember

  • Versatile

    I currently use a great website called mashedlife.com. I use a yubikey to login for secure authentication, and all my passwords for all my online accounts are housed here.

    I use the random system to generate random and complex passwords for each and every single online account I have.

    When people ask me if I know my passwords, I literally say no I do not. In fact, if you asked me what my gmail password is off the top of my head, I honestly could not tell you because I have literally 0 passwords memorized except the main password I use to login to mashedlife.com with yubikey as the second form of online protection.

    The mashedlife.com website is never down based on my usage, and the passwords are encrypted. Sure, lastpass.com is a similar site, but in general I think these are good solutions.

  • David

    A comment on passwordmeter.com. I am currently working on a website for a large government agency. As part of the registration process, it is necessary to choose a password. The decision was made to incorporate the password meter into the sign-on page. In the process of doing this, I discovered an enormous bug in the password strength algorithm – which is the root cause for

    “However, if your password is too long, i.e. too safe, this test will actually fail.”

    It has to do with the way it calculates the number of repeated characters – which is a major deduction in the algorithm. Consider a password like “EIDIDIFY” from the beginning of the article.

    There are 2 Ds and 3 Is in the password, for a total of 5 repeated characters. Deduction for 5 repeated characters is n*n-1 or 5*4 or 20. However, because the algorithm bug to count this determines the number by looking through the string starting at the first character and looks at each character in turn to find matches. Then looks at the next character in the string and parses again til the end, whenever there is more than 2 of any character, you get characters counted more than once. In this case the first I matches two other Is in the string. Then when you get to the second I (in pass 4), it matches the last I also. The result is the algorithm thinks there are 3 I’s, 2 D’s, and then another 2 I’s, for a total of 7 repeated characters. 7*6=42 which is a huge deduction. If there was a third D as well, the algorithm would find 10 repeated characters for a deduction of 90. That explains why a STRONG password can turn into a WEAK password by making it longer.
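
The counting flaw described in David's comment, modelled as an added example (this is not the password meter's own code and not code from the article or its commenters). The function names are hypothetical, the scan is reconstructed from the comment's description only, and "EIDIDIFYD" is a constructed input for the "third D" case.

```python
from collections import Counter


def buggy_repeat_count(password: str) -> int:
    """Model of the flawed scan as the comment describes it.

    Every position is compared with all later positions. When a character
    has matches ahead of it, the scan adds the character itself plus those
    matches, so a letter that occurs three or more times is counted again
    on each later pass. Comparison is case-sensitive (an assumption).
    """
    total = 0
    for i, ch in enumerate(password):
        matches_ahead = sum(1 for later in password[i + 1:] if later == ch)
        if matches_ahead:
            total += matches_ahead + 1
    return total


def correct_repeat_count(password: str) -> int:
    """Count each character that belongs to a repeated letter exactly once."""
    return sum(n for n in Counter(password).values() if n > 1)


def deduction(repeats: int) -> int:
    """Deduction as the comment computes it: n multiplied by (n - 1)."""
    return repeats * (repeats - 1)


def compare(password: str) -> dict:
    """Return both counts and both deductions for one password."""
    buggy = buggy_repeat_count(password)
    correct = correct_repeat_count(password)
    return {
        "password": password,
        "buggy_count": buggy,
        "buggy_deduction": deduction(buggy),
        "correct_count": correct,
        "correct_deduction": deduction(correct),
    }


if __name__ == "__main__":
    # "EIDIDIFY" is from the article; "EIDIDIFYD" is constructed here.
    for pw in ("EIDIDIFY", "EIDIDIFYD"):
        print(compare(pw))
```

Counting each repeated character once keeps the deduction tied to the number of repeated characters, instead of growing with every extra pass over a letter that occurs three or more times.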

Affiliate Disclaimer

This review may contain affiliate links, which pay us a small compensation if you do decide to make a purchase based on our recommendation. Our judgement is in no way biased, and our recommendations are always based on the merits of the items.

For more details, please read our disclosure.