How to create a strong password that's easy to remember




A good password is not only strong and secure (hard to guess), but also easy to remember (practical). So: what's a good password in everyday life? An important question...

The answer will probably surprise you. It surprised me, anyway! A strong password is above all... long. Symbols, numerals, caps and punctuation marks don't make it stronger, but they do make it harder for you to remember.

The only thing you have to do, therefore, is create a long password that can't be cracked by a dictionary attack (a brute force attack using existing words and existing sentences in a dictionary).

The famous cartoonist of xkcd.com has made a very enlightening cartoon about it.


You've read it correctly: Tr0ub4dor&3 is less secure than correct-horse-battery-staple. Less secure, and much harder to remember. For three simple reasons:

1. The password sentence simply has more characters than the single word. In other words: it's longer. Sheer length provides extra security against "brute force" attacks.

2. For an attacker's computer, the "weird" characters are no harder to crack than normal characters.

3. The dashes between the four random words render a dictionary attack futile: the attacker simply can't know where the dashes are in the sentence, so he can't use a dictionary at all. Furthermore, the words are random and don't constitute an existing sentence.

You can find more explanations here (simple) and here (extensive).

In other words: we've all been fooling ourselves a bit... Four random words that don't form an existing sentence, connected by dashes (not by spaces, as they might cause technical trouble), provide an excellent and very secure password, which is also quite easy to remember.

In short: creating a good password is thankfully very easy!

Note (1): use "free association" when selecting the random words that will constitute your password. Don't use something as obvious as "sun-sea-beach-holiday".

Note (2): if you want to enhance the security of your password a bit further, make sure that one of the four words is rather unusual (normal, but little used). That doesn't make it harder to remember the row of words, so it's no bother to do that.
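
As an added example (not part of the original article): a Python sketch that picks the four words with the operating system's random generator instead of free association, and counts the strength in bits under the conservative assumption that an attacker knows the word list, the word count and the dashes. The word list, the function names and the list sizes 2048 and 7776 are constructed for illustration.

```python
import math
import secrets

# Constructed 32-word sample so the block runs offline. It is far too small
# for real use: entropy depends on list size, so use a list of thousands.
SAMPLE_WORDS = """anchor basil candle dolphin ember falcon glacier harbor
igloo jasmine kettle lantern meadow nutmeg orchid pebble quartz raven
saddle thistle umbrella velvet walnut yonder zephyr acorn bramble cobalt
driftwood easel fennel gondola""".split()

def bits(list_size, count):
    """Entropy in bits of `count` words drawn uniformly from `list_size` words,
    assuming the attacker knows the list, the count and the separator."""
    return count * math.log2(list_size)

def words_needed(list_size, target_bits):
    """Smallest word count that reaches `target_bits` of entropy."""
    return math.ceil(target_bits / math.log2(list_size))

def make_passphrase(words=SAMPLE_WORDS, count=4, sep="-"):
    """Join `count` words chosen with the OS CSPRNG (not by a human)."""
    unique = sorted(set(words))
    if len(unique) != len(words):
        raise ValueError("duplicate words lower the real entropy")
    if any(sep in w for w in unique):
        raise ValueError("separator must not occur inside a word")
    return sep.join(secrets.choice(unique) for _ in range(count))

if __name__ == "__main__":
    print(make_passphrase())
    # Example list sizes (assumed): the sample, 2048 words and 7776 words.
    for size in (len(SAMPLE_WORDS), 2048, 7776):
        print(f"{size:>5}-word list: 4 words = {bits(size, 4):.1f} bits, "
              f"{words_needed(size, 64)} words for 64 bits")
```

The numbers show that a passphrase's strength comes from how many equally likely choices went into it: four words from the 32-word sample give only 20 bits, while the same four words drawn from a 2048-word list give 44 bits.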




A Creative Commons license applies to the content of this website.
