Skip to main content

A guide to making up very strong passwords

How many times per day do you enter a username and password? Logging in to Facebook, checking your financials, leaving a comment at a random blog – there are tons of situations where access is restricted to authorised users. However, clearly some sites are more important than others – your bank password definitely outranks a password just used for blog comments. If you use a password manager, the master password that grants access to all the rest is the most important of all.

There are two conflicting requirements for a good, strong password. First, it should be nearly impossible for a hacker to guess. Second, it should be easy for you to remember (don't even think of writing the password on a scrap of paper!) A password that's a random collection of different characters and character types passes the first requirement, but most people would find it tough to memorize something like dK29e3EBwtY!WFp%. (That password came straight from the random password generator built into LastPass, one of our favourite tools for password management). Most passwords that you can easily remember are also easily cracked... unless you use some simple mnemonic techniques.

For the talented typist

Are you a fast, accurate typist? Consider using a password that's an entire sentence, something with personal meaning. You'll have to practice typing without spaces, but after a while typing a password like WC.1940.WeShallFightThemOnTheBeaches, or something similar will come naturally.

Not a fan of politics? A favourite line from a movie, a poem, or a song can serve. Names and stats from a favourite sports match could combine to form a handy password mash-up. Just make sure to include at least one easily-remembered and relevant number, as well as some punctuation.

Shrink to fit

Of course, not all password-protected apps or sites will accept passwords of unlimited length. You may find there's a limit, perhaps 12 or 16 characters. Fear not; you can still use a favourite saying, poem, or song lyric to create a cryptic but memorable password.

How about BBMshcDuhh!Fab4 for a password? That would be "Bang Bang Maxwell's silver hammer came Down upon her head!" boiled down to the first letter of each word, with uppercase letters for emphasised words, and Fab4 tacked on to provide a number. Are you a Shakespeare fan? How about o,TtTtSFwM.A1.S2 ("O, that this too too solid flesh would melt," from Act 1, Scene 2 of Hamlet).

Common sense

If your Facebook profile proudly proclaims that your favourite song is Sir Mix-A-Lot's "Baby Got Back," pick a different song as the source of your password. When you go to add numbers, don't use your house number, phone number, NI number, or anything a stranger could associate with you. Use a phrase or sentence that has personal meaning and you'll wind up with a password that's both memorable and un-guessable.