6 Tips For Creating An Unbreakable Password That You Can Remember

Ryan Dube 13-06-2014

You can lock every door and window of your house, but if you use a skeleton key the odds are pretty good someone is probably going to end up robbing you blind. The same is true of your passwords. If your passwords are not unique and unbreakable, you might as well open the front door and invite the robbers in for lunch.


A few years ago, Damien described a few ways to come up with strong passwords How To Create Strong Passwords That You Can Remember Easily Read More , like making sure you use special characters and that the password is at least 8 characters long. Still, creating a complex password is only half the job, the other half is actually remembering it.

And, is any password truly unbreakable? Not really, but in a recent interview with Bruce Schneider Security Expert Bruce Schneier On Passwords, Privacy and Trust Learn more about security and privacy in our interview with security expert Bruce Schneier. Read More , Bruce referenced one of his blog posts about choosing a secure password. His advice was to take sentence and turn it into a password. His exact words were, “Choose your own sentence – something personal.”

This sounds like a simple concept, but even coming up with a sentence that you’ll remember can be as difficult as coming up with a password itself. About a year ago, Yaara offered some tips that could help you remember your passwords 13 Ways to Make Up Passwords That Are Secure and Memorable Want to know how to make up a secure password? These creative password ideas will help you create strong, memorable passwords. Read More . The following are a few more tips that might help you develop passwords that are especially complex, nearly unbreakable, but also memorable.

1. Nursery Rhymes

One preferred method of coming up with complex passwords that pass every IT security policy The Latest Internet Security Threats That You Should Be Aware Of Security threats have increasingly come from new directions and that isn’t looking set to change in 2013. There are new risks you should be aware of, exploits of popular applications, increasingly sophisticated phishing attacks, malware,... Read More out there – even those that require 15 character passwords – is the nursery rhyme technique.



The way this works is you choose one of your favorite nursery rhymes, capitalize the first letter of each sentence, replace certain letters with numbers, and follow that up with an exclamation point or some other symbol at the end. For example, take the nursery rhyme Little Boy Blue, which goes like this:

“Little boy blue, come blow your horn. The sheep’s in the meadow. The cow’s in the corn.”

Now you transform that replacing any “s” with “5” and any “L” with a 1 or a 7. Here’s the new password.


That’s an 18 character password that includes numbers, letters, uppercase, lowercase and at least one special character.


2. Favorite Line of a Song or Movie

A technique similar to that above uses famous movie quotes 10 Websites For Famous Movie Quotes Read More  to come up with the password rather than nursery rhymes. There are actually very popular nursery rhymes people may use, that hackers could guess. Using a favorite movie line – especially one that is particularly obscure – will make this approach much more secure. You may also consider replacing characters with numbers that are not so easy to guess.

For example, lots of people would think to replace an “s” with a “5”, but if you choose a different number, it’ll be harder to guess. Replace every “s” with a 6 or 7 instead – easy to remember because they start with the letter “s”. You might also replace every t with a 3 using the same logic.


Using this new approach, you may start with the famous movie like from Al Pacino in the movie Scent of a Woman:


“If I were the same man that I was thirty years ago I’d take a flamethrower to this place!”

This quote then becomes:


This concept is basic cryptography 101, but it’ll at least provide a compromise between coming up with a password that is very difficult to hack, but also one that a normal human brain can remember.

3. Use Industry Lingo

One alternative of this is using very specialized industry lingo to come up with the phrase. Nursery rhymes or even movie quotes could be guessed with a computer algorithm running through as many possibilities as a computer can manage. However, industry-specific lingo is much harder to guess.



For example, if you’re a nurse, your phrase might be:

“The aortic coarctation led to an agonal response, BLS and finally intracerebral infarction.”

(I’ve no idea if that makes any sense, but you get the point).

Replacing “a” with 0 results in the following password:


This is only 14 characters rather than 18, but much harder to guess.

4. Personal Dates

An alternative technique to using sentences is using mostly numbers. Of course, random numbers aren’t exactly simple to remember either.  However, one technique that I learned from my father (he used it for choosing lottery ticket numbers) was to go with important family dates.

Now, the first thing many people think is to use birthdays. Unfortunately, these days it’s far too easy for the savvy hacker to discover online. You need something a little more advanced than that. A good approach is to use dates of events only you would remember as important to you, but no one else would really know about. The day that you first took a roller coaster ride. The day that you kissed for the first time. The day your parents gave you your first bike.


Take the three dates that you are sure to remember, and line them all up in a row. Replace the slashes with a lower-case L, a space between dates with a “_”, and end with a special character like “!” or “#”.  Such a password would look something like this:


This password is 27 characters, so it can only be used in systems that can handle very long passwords. If allowed however, it’ll allows you to have one of the most secure passwords possible.

5. Use a Keyboard Pattern

Here’s a fun password approach that uses the same technique as the smartphone login pattern Which Is More Secure, A Password Or a Pattern Lock? Our smartphones carry a lot of personal information. All of your text messages, emails, notes, apps, app data, music, pictures, and so much more are all on there. While it's a very great convenience to... Read More . In this case, what you’re going to use is your keyboard. Draw some kind of recognizable pattern on your keyboard, and then use the letters and numbers as the password. For example, let’s say you create a pattern on your keyboard as shown below.


If you start this pattern at the number 3, it should be pretty easy for you to draw out the pattern each time. If it helps, you might even draw recognizable images or letters on top of the keyboard. In the case above, the password ends up as follows:


Using this approach, you can alter the complexity of the pattern to lengthen the password. A hacker could potentially run an algorithm through that would attempt every password possible on a keyboard by connecting every key to one another, so making the pattern as complicated as possible – such as going back and forth or making complex, diagonal lines – should make that kind of hacking much more difficult.

6. Establish a Rudimentary Hardware Key

The final technique that’s worth trying for an ultra-secure password is the hardware key approach. In most corporations, employees are provided with a hardware “token” or key, which has a digital number on it that changes at a regular interval. That number is used as one part of the login process.


In much the same way, you can print out and carry a card where you’ve written down part of your password pair. The other part of the pair would be the part of the password that you need to remember.

For example, your password might be “2BeOrNot2BeThatIsThe?”  So, you would write down “ThatIsThe?” on a piece of paper, and this will remind you what your entire password is.

The value here is that even if someone finds the written portion of your password, they still won’t have the part of it that exists in your head. At the same time, it gives you a powerful tool to extract that part of the password out of your head when you’re having a bad memory day.

Ultimately – the password that you go with should be the one that works best for your situation. You can use any of the techniques above, or come up with one of your own, but the idea is to develop a password that is so unusual, with such a variety of character types, that hacking that password becomes a nearly impossible chore.

Image Credits: baby crib via ziviani at Shutterstock, s_bukley /, Nurse making call via Monkey Business at Shutterstock, Riding a bike via Brian Jackson at Shutterstock

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. mac
    February 17, 2019 at 11:20 pm

    If you are an adult, you probably remember your family's old address or phone number from your days as a child, or the same info from your old next door neighbor. All of the above are things I have not forgotten in over 50 years. You could also use the measurements of your first high school girlfriend, or her IQ and grade-average if you ever knew that :-)

  2. Roch
    November 12, 2014 at 6:15 pm

    Can someone point me to information on why a sentence with multiple words separated with spaces is easier to break than nonsense patterns without spaces (something I have heard in multiple articles like this one)? I know a dictionary-based brute force attack can solve for single words, but when there is a multi-word string, how does the password cracker know that they got one word correct in the sentence? Doesn't the cracker have to get all the words correct, in the correct order, to successfully match the encrypted password string they have stolen? So, if I use a sentence with real dictionary words and spaces that becomes a 40+ character password, how is this easier for the password cracker program to break than any other 40+ character string?

    • Fred Flinstone, IV
      July 25, 2017 at 10:08 pm

      "if I use a sentence with real dictionary words and spaces that becomes a 40+ character password, how is this easier for the password cracker program to break than any other 40+ character string?"

      Look up "dictionary attack"—it's for more than single words.

      However, any 40+ char password is going to be pretty strong by default.

  3. Moazzam Shahid
    July 14, 2014 at 11:05 am

    There's also another site called
    Its simple and fast for generating random, secure passwords.

  4. John W
    June 23, 2014 at 4:16 pm

    Nursery rhymes are quite common to many hundreds of thousands of people. I'd rather call on the vast store of song lyrics in my head. Even better if you have misheard the lyrics in your yoof and have been singing the wrong words for 20 years. Even when you've been told the right words many times!

    If a site limits you to 8 or 12 characters or won't take symbols don't forget to complain loudly.

    Also, many of us use acronyms, jargon and part numbers in our workplace that are meaningless to others. I use obsolete transistor and chip part numbers.

  5. android underground
    June 23, 2014 at 11:14 am

    Passwords in the cloud don't work if the cloud service is offline. Passwords on your device don't work if you have to log in on a device that is not yours.

    Passwords in your head always work, no matter where you are, no matter if your password cloud service is online or not.

    One password for things that are not important, and a handful of unique password for those email accounts and financial services that really matter.

  6. Guy M
    June 19, 2014 at 8:42 pm

    I type my new password in a word processor program and change the font to something with icons like wing dings. Then I copy that and past it into the password field on the site I'm signing up for. Hack that!

    (This has been a troll comment. This won't really work. Don't waste your time responding either.)

    • Timey McWastington
      June 5, 2016 at 8:35 pm

      I thought I'd waste a little time here.

  7. Ron
    June 19, 2014 at 12:25 pm

    I use the Yubico Yubikey to add 16 characters to my easy to remember password of 10 characters a total of 26 characters mus do the job.
    And this way I use something I know and Something I have and only miss the something I am part.

  8. Squatch
    June 18, 2014 at 5:27 pm

    I had the chance to sign up with the CIA but ultimately declined but I you have to make an account with them. Their password requirements were as follows:
    20 characters long
    Uppercase Letters
    Lowercase Letters
    All of this is required. If you can't do this, your password is probably not secure.

  9. Nick
    June 18, 2014 at 3:10 pm

    No, no, no, no. Sorry, Makeuseof, you're usually pretty good, but this is dangerous advice. Don't use known phrases (nursery rhymes, movie quotes), or keyboard patterns. Both tactics are known to password crackers and they use them to easily crack long passwords.

    Here's the background you need on how passwords are actually cracked now:

    • Ryan Dube
      June 19, 2014 at 5:41 pm

      The article doesn't describe using plain words - did you read it? It describes using number,,letter and symbol variations to form complex passwords based on tge firdt letter of each word. Furthermore this wss a best practice described by security expert Bruce Schneier.

  10. Sreeraj R
    June 18, 2014 at 1:39 pm

    Nice article, in fact a much needed one. I always use passwords with numbers,Small and capital letters and at least two symbols.

  11. suherman
    June 18, 2014 at 2:00 am

    Thanks makeuseof for your tricks.

  12. Neville Scollop
    June 17, 2014 at 9:06 pm

    2 factor authentication, application specific passwords, google authenticator, Bad IP Blocker, and KeePass Pro. That's how I do it and it's worked so far.

  13. Allan Harmsworth
    June 17, 2014 at 4:12 pm

    I meant to say some require a special character.

  14. Allan Harmsworth
    June 17, 2014 at 4:11 pm

    I agree with Q, the article does not say how to deal with sites that make up arbitrary password rules. Some require a special password, some forbid it. Some require inclusion of a capital letter, some require inclusion of a number, or both. Then they limit it to 8 or 12 characters. What I need is a long nonsense phrase as *my99#dogRoverhas99fleas* then be able to add a unique differentiator like the name of the site like Facebook, Google or such in an arbitrary position. I do a lot of contests, so accumulate hundreds of new login passwords and username combinations. I used to use Roboform, but find LastPass works well for what I want.

  15. Jo-anne P
    June 17, 2014 at 7:16 am

    OMG after reading all this my brain hurts lol.

  16. me
    June 17, 2014 at 3:53 am

    There is still more simple way. Decide two key words form your life incidences, assets, locations, family, name, initials, dates etc. One key word shall be 4 letter OR numerals. Second shall be of three letters or numerals. Say they are K1 & K2. Select two wild characters of your choice. Say they are W1 & W2.

    Now your password for any site, any office file or zip, ram files will be filename OR sitename followed by W1 followed by K1 followed by W2 followed by K2.

    Example if your K1=abcd, K2 = xyz, W1= & & W2 = *

    your password for facebook will be facebook&abcd*xyz
    Your file name is data.xls your file password will be data&abcd*xyz

    The essence is in selecting k1,k2,w1 w2 in a manner that no one can guess.
    This logical password created can work for entire lifespan...!!!!

  17. S. Phibber McGee
    June 16, 2014 at 9:02 pm

    @ Gigi O-

    Most of the fingerprint readers I am aware of have a password option in the event of
    hardware failure (or presumably unrecoverable loss of the biometric data/digit used or in the case of events such as you have discussed previously.

    Controlling access to your computer &/or the print reader are certainly still of paramount importance. To that end I am aware of the existence several hardware/software arrangements that require either a specially set up USB stick or the presence of an RFID pendant to make use of the computer before they can even access the biometrics.

    Finally I'm sure that one or more of the available systems might well have a multi-teired authentication protocol requiring both biometric and password input. If they were to provide the biometric data and you the password you would still feasibly retain privacy and control.

    I am somewhat confused however by your last comments as these indicate you do not trust those whom you would have access your personal data ICOE. My question the becomes why
    allow them to at all. At that point I would simply take the lap top to my attorney and set him up be the ICOE data access person.

  18. jim
    June 16, 2014 at 7:01 pm
  19. S. Phibber McGee
    June 16, 2014 at 6:53 pm

    @ Gigi: Many scanners allow for more than one print to be used in case of accidental injury/loss of a print. Also there are (a bet currently very advanced) systems out there that combine several biometric features such as facial recognition, finger/hand print, and retinal scan. My tablet does facial recognition now.

    Dishpan hands is temporary, eczema doesn't happen over night nor to all fingers at once. Neither does glaucoma or cataracts and you do have 2 eyes.

    Kidnapping for the purpose of accessing ATMs happens now regularly in some places as does thieves loitering around them not to mention of theft of RFID data and card skimming. The potential for finger removal can be thwarted by the inclusion of pulse monitor in the scanner &/or a sensor to monitor the temperature of the finger.

    No system will ever be 100% secure we can only make it as hard and time consuming and risky as possible for these thieves.

    @NP regular changing of passwords is to prevent theft or hacking of your security. How exactly are you suggesting your biometrics will be hacked?

    • Gigi O
      June 16, 2014 at 8:37 pm

      @ S. Phibber: Thanks. Use of multiple biometric criteria seems to be key. As does being physically present with delegates to my accounts long enough to establish biometric access for them in case of emergency. But this means they have constant access vs. knowing where/how/under which circumstances to access a master password that I might change periodically, for example. Unless there is some method for triggering such alternate access?

  20. S. Phibber McGee
    June 16, 2014 at 4:52 pm

    If the industry standard became biometrics instead of passwords then this entire continual problem would become a none issue. You'd never need to remember anything.

    • Gigi O
      June 16, 2014 at 6:15 pm

      I have a few concerns with sole use of biometrics.

      While large scale hacking sweeps would certainly be harder, would this encourage more individual physical violence like kidnapping at ATMs or even "hacking" off of finger tips, etc.?

      On a less ominous note, my ThinkPad's fingerprint scanner is hit and miss already, although I'm sure that technology will continue to improve. But what if I have "dishpan hands" one day or develop periodic eczema? In the case of retina scanners, what if I develop glaucoma or need cataract surgery?

      What if I have a sudden stroke or heart attack and need my family to handle my affairs for a while? What about access to my accounts after I die?

      I'm curious how these kinds of situations can be dealt with. Please advise.

    • NP
      June 16, 2014 at 6:28 pm

      biometrics is even more dangerous. It's tied to your identity and you can't change it.

  21. Petey P
    June 16, 2014 at 4:10 pm

    Of course none of this matters when people take whole groups of passwords from Target, EBay, or Yahoo!....

  22. dpocius
    June 16, 2014 at 3:51 pm

    Gearheads/petrolheads: For #5, overlay a picture of your favorite road circuit or portion thereof on the keyboard and proceed! The only way you'll mis-enter your password is if you put a wheel off.

  23. Robert M
    June 16, 2014 at 2:45 pm

    This is far too overly complex. Complexity does very little to make your password secure. A brute force attack will still have to go through every possible character regardless. The length of the password is what really matters.

    Make up a nonsensical sentence that is related to what you are protecting, such as:
    "When I log onto my giraffe from Saturn I always include the number 7."

    And make that your password. And to make it easy to remember choose your favorite whatevers, in this case I picked an animal, planet, and number. This is your password. There is no reason to be cryptic with the complexity, it doesn't do anything to stop a brute force attack, but the length of that requires "a very long time." Remember, partial successes do not work. Passwords are all or nothing.

    For more in depth explanation and plenty of links to explanations:

  24. Comenclater
    June 16, 2014 at 11:38 am

    How Stephen said, password managers are very useful programs .
    With password manager is easy to create a strong password. For example: [Broken URL Removed]

  25. Gerald Z
    June 16, 2014 at 12:13 am

    Every time I change my password I have to rename my cat.

    • Xunius
      December 2, 2015 at 7:48 pm

      I am going to quote this.

    • n2wishnn
      July 29, 2018 at 11:39 pm

      I know I come 4 years after the fact, but I just Had to say that made my day. I agree with Xunius... Quote Worthy..

  26. Leopardmask
    June 15, 2014 at 2:59 am

    Is the "4 common words" password that xkcd talks about still difficult to hack? 4 random, common words that have nothing to do with each other, but you can still create a mnemonic to easily remember them. This is the comic, if this comment allows links:
    If not, the example is "correct horse battery staple". Still really long, but does it work?

    • NP
      June 16, 2014 at 6:27 pm

      No, it doesn't work anymore. Anything that uses real words, even if long, are now easily cracked with smart, heuristic dictionary crackers. See the link to Bruce's article

  27. Anonymous
    June 15, 2014 at 1:23 am

    About 90% of the sites I sign up for, I couldn't care less if someone hacks into my account. What are they going to do, post a comment on a message board on my behalf? For those sites I just use the same password, and save secure passwords for things like email, banking or any site that requires credit card info. That significantly cuts down on the number of passwords I have to remember.

    • A41202813GMAIL
      June 15, 2014 at 1:47 pm

      Exactly What I Do.

      I Do Not Even Use Any Money Online, Whatsoever - Brick And Mortar All The Way.


      • George
        May 27, 2018 at 10:37 am

        Sadly, bricks and mortar are falling by the wayside. One example is a local bank that charges a hefty fee if you use a human teller, but waives the fee, if you automate your transaction. A lot of the reasoning is the human cost versus the human convenience. What are you willing to pay for?

  28. Stressed Go Outside
    June 14, 2014 at 7:11 pm

    Lots of people forget passwords I work in IT a little code here and there and people sometimes brag that they made the password to long and difficult to remember, but it still takes the same effort and time to reset the password even if it is simple like pass321. What is easier and more effective than advice to just change your password regularly? Just something to think about google (Your LinkedIn Password Is On Display in a Museum in Germany) it was news last year.

  29. Karl K
    June 14, 2014 at 4:19 pm

    Your first example, “7bbcbyhT5itmTcinc!”, violates your nursery rhyme rule. That is, the
    new password (based on the rhyme) should be: “7bbcbyhT5itmTcitc!” (the next-to-last letter should be a "t", not an "n".

    • Ryan D
      June 14, 2014 at 4:30 pm

      Wow - good eye Karl! :-)

  30. Þór Sigurðsson
    June 14, 2014 at 4:13 pm

    All these require the person choosing the password to be fairly adept at on the fly encryption/encoding.

    Most people are not. Most people have the patience of an agitated pitbull and the memory of a banana fly when it comes to handling passwords. And as such, they use password managers where they can and write down those pesky passwords they can't put into their password manager - like their top secret don't write anywhere and don't tell anyone work password.

    There is a simpler approach that still has many times over the entropy of the nursery rhyme passwords described above. Choose 4 or 5 words at random from a dictionary. Better yet if it's not an English dictionary. Better yet if they are 4, but come from 4 different dictionaries.

    As such, "quaint sauerkraut fuego hamborgari" would be totally rememberable - but still almost impossible to brute force or guess.

    Short but useful reading material on password entropy: [Broken URL Removed]

  31. OnTheRoad41
    June 14, 2014 at 3:26 pm

    With Ryan Dube's suggestions, how do you handle places (like my husband's employer) who require you to change the password every 60 days and it can't be similar to the previous 5?

    • Ryan D
      June 14, 2014 at 4:29 pm

      Yeah - I know a lot of folks who have that issue. A solution that I've heard many friends of mine use is actually a version of the #6 solution in this article. Every time a password change is required, you update your "rudimentary hardware key", and you're good for another 60 days.

  32. Q
    June 14, 2014 at 3:23 pm

    This is all great people, but when I find I need a variety of standard PSW "keys" or starter phrases because the 282 site where I need to use them all have such a variety of rules that it makes it very, very tough to standardize. Even the most secure financial sites don't allow special characters which seems stupid. Further, they limit you to only 12 characters -- how dumb is that? Others require it to be changed every 90 days -- what a PITA. Another is use is so seldom, you have to write down the clues, and hope you still remember. Finally, sometimes a site will change lock you out after lack of use and even THAT parameter varies. I don't trust the idea of a master PSW to unlock anything using the cloud with 282 PSW's stored on it -- that would be a catastrophic hack! HALLLLLLLLLLLP!! I need more guidance on how to cope with all this!

    • Davidpleach.dl
      June 16, 2014 at 4:25 pm

      Your situation is closer to everyone's situation that we want to admit. One good solution is to get biometrically-based single sign on software (and a scanner, of course) that let's you use your fingerprint to get into all those sites. Passwords are virtually eliminated and your authentication is even MORE secure.

      If you stick with passwords, one thing you must do...make sure your money (bank) is always secured with a totally unique password. If the bad guys find any password you use, they'll head to your bank and assume it works there, too.

  33. Snedzsr
    June 14, 2014 at 12:48 pm

    What or who is Yaara? This is a reference I'm not familiar with.

    • Ryan D
      June 14, 2014 at 4:27 pm

      Yaara is an MUO writer and the link to the article mentioned is right there beside her name in the intro.

  34. password
    June 14, 2014 at 11:43 am

    use gibberish and keep the passwords in a password protected Word document


    • Ryan D
      June 14, 2014 at 4:22 pm

      This is actually kind of dangerous - all one would have to do is break the protection on the one Word document, and it's all over. Also, the fact that Microsoft Products seem to be targeted so much more than others makes it that much more dangerous I would think.

  35. Peter Hood
    June 14, 2014 at 11:31 am

    Use the password generator at, or the one in a password oubliette such as PINs.

  36. Pavels O
    June 14, 2014 at 11:22 am

    My comment was lost due to a glitch, and I am too lazy to retype it.

    This summarizes it nicely though:

    "Through 20 years of effort we've successfully trained people to use passwords that are hard for humans to remember but are easy for computers to guess."

  37. ?????? ?
    June 14, 2014 at 8:46 am

    I use Great service! I have my card on smartphone, tablet, in wallet, near my work and home computers. Passes like 3:)-cube written in paper notebook and evernote/OneNote

  38. John Bennet
    June 14, 2014 at 6:48 am

    But this would be another reason for password hacks

  39. CP03P0
    June 14, 2014 at 2:55 am

    A strong password is good for some things but don't get paranoid about a password, if we can make it, we can break it. And besides some people like the harder challenge thinking there must be a bigger prize inside. It's like a treasure hunter opening a box only to find it empty.

    • Ryan D
      June 14, 2014 at 5:19 am

      How would a hacker know the password is more difficult?

  40. Steven Kopischke
    June 14, 2014 at 1:36 am

    I have been using a series of Bible verses to help me come up with passwords. For example, I will start with a verse, John_3:16 (that's nine characters already and includes four classes of characters) and add -06/13 (another six characters for today's date) followed by three letters that mean something to me, jHk. That gives me a unique password that also tells me what I was reading on that day....which I can also find in a physical journal. I also used 1Password to keep track.

    • Ryan D
      June 14, 2014 at 5:18 am

      Clever. This is a particularly good approach because it's unique to your interests and your knowledge. Changing it frequently like you mention is another added layer of security. Very smart!

  41. likefunbutnot
    June 13, 2014 at 11:56 pm

    As a starting point, I usually suggest that someone make a password by using the stupid thing they like to use as a seed value and shifting all the characters over one row of keys on the keyboard.

    • Ryan Dube
      June 14, 2014 at 5:16 am

      Might only work for people who know how to type though, I would think? I know a few people I couldn't imagine being able to type the correct password in that way. :-)

  42. ReadandShare
    June 13, 2014 at 11:50 pm

    Not sure what the big hang up is against password managers that can remember very long and very complicated and very unique passwords for each and every one of your sites?!? I use Lastpass without any issue, but even those who remain squeamish about "the cloud" can use Keepass and keep the info within their own desktop (or device)!

    One BIG advantage of using a password manager to "auto populate" website login's and passwords is this: a fake site good enough to fool you and me WON'T fool a password manager.

    No clever nursery rhyme can protect you from accidentally logging onto a cleverly phished webpage.

    • Ryan Dube
      June 14, 2014 at 5:15 am

      That is very true - phishing is one of the biggest dangers, regardless of how clever anyone's password is.

  43. Barrie M
    June 13, 2014 at 9:58 pm

    I use lastpass and make it generate passwords. The one issue with the things listed above is it will be difficult to remember one nursery rhyme password try remembering a different one for every site.

    • Eric J
      June 13, 2014 at 11:15 pm

      you create a "base" password and just change a part say the beginning or the end with something familiar with the site like for example makeuseof you could have at the end "Mu)"

    • Ryan Dube
      June 14, 2014 at 3:10 am

      Like Eric - I tend to often use the Nursery rhyme approach with a different number and character per site. then I only really have to remember 3 unique characters or so (or jot them down in my journal - without the base password the 3 characters are useless).

  44. Nick C
    June 13, 2014 at 9:50 pm

    I use Keepass to create hard to hack passwords.

    • Stephen
      June 14, 2014 at 7:26 am

      I don't get why people feel they have to come up with these intricate rituals to make passwords better. Use a password manager and just stop bothering with it.

    • Stressed Go Outside
      June 14, 2014 at 7:37 pm

      I don't get why we have the rituals to make passwords better. I agree with Stephen because if kid can google how do I reset a password, and also get your security question just by asking you your security question in a normal conversation why do we bother with that?

    • Nick C
      June 14, 2014 at 7:47 pm

      Keepass makes it so hard for Passwords to hack. I believe Makeuseof has made numerous articles talking about how good Keepass is. Keepass is my go to for Password management and creating hard to hack passwords. Keepass can even be stored on a USB drive as well.