Creating Strong Passwords

Quick Tips & Tricks for creating good passwords.

Creating long, secure passwords can be extremely difficult, especially when you have multiple accounts and have to remember them all. It’s no wonder that we end up writing them down, or using the same password again and again. This is however, a terrible habit to get in to. In fact, using the same password for all of your accounts is one of the worst things that you can do!

This effectively means that you trust ALL of your private information to one password. If this password was compromised, (whether it’s through telling someone, a website being hacked, someone looking over your shoulder, or any other method) then all of your accounts can be accessed.

It is vital that you use unique passwords for every account that you create.

This is called Password Separation and is very important for keeping your private information protected.

“Great, not only am I supposed to remember really long passwords, now I have to remember them for ALL of my accounts?!”

Hold on, it’s not quite as bad as it seems. There are a number of tricks you can use to make it easier for yourself.

These include:

  • Padding
  • Passphrases
  • Formulas
  • and Password Managers

Padding

The idea behind padding your password is not to change what you already have, but to make it look bigger than it actually is. This is done by adding extra characters to the end of your password to increase its length.

For example, take the password Axis#47B. By using padding, I can make this password more secure.

Axis#47B becomes Axis#47B///////

We can see that while this password has not become any more complex, we have added 7 characters to its length, which as we know from earlier, makes it far more secure.

While in this example we use very simple padding, the more creative and unique you get, the more secure your password becomes.

Other fancy-examples of padding could be "Axis#47B/\/\/\/\", or "Axis#47B((()))" or even "Axis#47Bpadding".

This can also be a great way to add character variety to your password. E.g padding with something like "1Idea!" adds extra layers of complexity to a simple lowercase password.

Passphrases

Passphrases are a simple idea which can easily boost the length of your passwords while making them even more memorable. Basically, your pass-word changes from a single word, to a phrase or sentence.

An example of a passphrase might be: “I’m feeling a bit hungry”

“Whaaaaat?? You can’t use spaces in passwords!?”

Why yes, yes you can. They are legitimate characters and there is no reason why you shouldn’t use them.

Occasionally you might come across a website that restricts you from using spaces or other legitimate characters. If you do, you should think very carefully about what information you are providing them with, because they are obviously not using best-practice security measures.

You can easily see how quickly your password increases in length when you use a passphrase. The great thing is that you can write literally anything in there. If I felt like it, I could put my password as “I stole 12 cookies from the cookie jar!” or “One day I will marry Miranda Kerr”; however be warned, this could be doubly embarrassing if one of the sites you use was hacked and your password was revealed to be “I’m having an affair” or include other highly sensitive information. Have fun with it, but make sure you use something that won’t get you in hot water if it was ever discovered.

By using a lengthy passphrase, you reduce the need to use huge character variety and complexity. Of course, it would be more secure if you did use them.

A word of warning: don’t use commonplace phrases. If after reading this you go and change your password to “letmein”, “opensesame”, or “iloveyou” then you deserve to have your computer taken from you. Get creative! Think of something that is so unique and nonsensical that no one else will think of it. E.g. “Purple Dragons In 9 Types Of Mustard?”

Formulas

Using formulas is another way to add complexity, length and separation to your passwords. The idea is to use a formula, system, or rule to assist you in creating and remembering secure passwords.

These formulas can be as simple or complex as you want, and can be really helpful in remember all your different passwords.

Take for example, the password:

Talwsatgigasbasth

It looks like absolute gibberish (there’s no way you’d be able to remember that, right?), however it comes from a very simple formula.

It comes from taking the first letter of the line of the song “Stairway to Heaven”.

“There’s a lady who’s sure all that glitters is gold, and she’s buying a stairway to heaven!”

“Okay, but that password doesn’t include any numbers or symbols?!”

This is easily fixed by adding punctuation to our password.

Talwsatgigasbasth becomes Talwsatgig,asbasth!

“Ahem… still no numbers…”

And replacing ‘to’ with ‘2’.

Talwsatgig,asbas2h!

And voila, we have a long password that contains upper and lower case letters, numbers and symbols, and is easy to remember! As an added bonus, if you had trouble remembering what song you took the lyric from, you could write that down without worrying that your password was going to be stolen.

To make this specific to a particular website that you use, you might incorporate that website into your core phrase/lyric.

“There’s a lady who’s sure all that glitters is gold, and she’s putting it as her status on Facebook!”

Talwsatgig,aspiahsof!

A more complicated formula might be to choose a phrase that reminds you of the site that you are using, e.g. for www.beardo.com.au, (which sells beanies with detachable beards) I might use the phrase ‘Coolest Beanies Ever’ and take the first and last letter of each word;

CtBsEr

then add a personal rating out of 10:

CtBsEr10

Then add some padding:

CtBsEr10[<><><>]

You could do the same for Twitter with “Tweet To Everyone”….

TtToEe6[<><><>]

Or Facebook – “Update My Status”

UeMySs7[<><><>]

As you can see, we’ve just created three unique passwords using the same formula. I’m not saying that you should use this formula, you need to create one for yourself that is easy to remember and produces a long, secure password.

Password Managers

The final, and arguably the most secure, option for creating and remembering secure passwords is to use a password manager. Password managers are programs which are designed to remember your password for you.

It works like this; you set one Master Password, which you need to remember. When you go to log in to a website, the password manager can automatically fill out the username and password field for you, saving you both time and the effort required to remember the password.

This means that you can create long, complex, unique, passwords for each of your online accounts, and not have to deal with trying to remember them. You simply need to remember your Master Password.

Even better, most password managers include the ability to generate passwords for you. So you can have a password that looks like this: “$Z5&Reh@BDu4rExU^PrZkBf&R6” without having to even think about remembering it.

There are many free and paid password managers out there, like Sticky Password, LastPass, KeePass, and 1Password, each with their own pros and cons. Many have a free trial which you can use to see if it works for you.

Alright, now we've looked at four different methods for creating kick-ass, easy to remember, passwords. You should now be able to adopt one of the methods, or use a combination of methods, to create your own kick-ass passwords.

Remember that if your password is less than 12 characters long, then it's not kick-ass. In general, the longer a password is, the stronger it is.

If you haven't already, you should also sign up for an Email Watchdog Account to let you know when one of your passwords has been compromised.