There are a couple of guidelines and practices that a user should keep in mind when composing passwords for his or her online accounts. It is usually advisable that a password be at least 12 characters long, and that it contain upper case letters, lower case letters, symbols, and numbers. Indeed, some websites will not allow users to create a profile with a password that doesn’t fulfill all of the criteria listed above – and, from a practical standpoint, it is easy to see why the site’s creators would do such a thing.
With the growing frequency of various forms of online attacks on users, online security is becoming a more immediate priority day by day. Simply put, website owners can’t afford to let users get lax in their own security, because if a user’s account gets compromised by an attack, the user is not the only one likely to suffer unpleasant consequences – the company’s reputation is at stake as well. Unfortunately, that means that users are forced to devise and remember passwords that may be very difficult to memorize – especially if the user must come up with and remember dozens of them at a time.
With this in mind, here are some tips on how users can create strong, but memorable passwords:
Personalized word combination. Using a dictionary word, or even a combination of simple words, as a password is a very bad idea – but word passwords are naturally easier to remember and re-create. Therefore, users need not avoid words in their passwords altogether; they should just use longer, more obscure and generally less common words or word combinations. For instance, ‘brownhorse’ and ‘oldhouse’ are examples of bad passwords. ‘gorgeousstallion’ and ‘dilapidatedruin’ are much better, not only because they are longer, but because they are less obvious. Users should take a moment to think of an obscure word combination that speaks to them personally – perhaps something unusual they saw, or an odd word that’s stuck with them, even though its use is not very common at all.
Capitalizing letters. Users that are asked to use capital letters, as well as lower case letters, should avoid just capitalizing the first letter of their password and leaving it at that. They should mix things up a bit – capitalize the next to last one as well, or every other letter, or just the vowels.
Letter substitution. Users should avoid substituting letters with similar looking numbers, as that makes passwords troublesome to write and difficult to remember, while not actually making them that much more difficult for an attacker with the right tools to crack.
Symbols and Symbol use. Although it may be the easiest to remember and most convenient thing to do, users should avoid sticking just one symbol at the end of the password and leaving it at that. Symbols can be situated in key points in a password in a way that makes sense – for instance ‘robinhood&hismerrybandofthieves’.
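The weak habits named in the tips above can be checked mechanically, for instance by a sign-up form. The following is an added example, not part of the original article; the function names are hypothetical and the word list is a tiny constructed sample standing in for a real list of common words.

```python
import re

# Constructed sample list; a real check would load a much larger list of common words.
COMMON_WORDS = {"brown", "horse", "old", "house", "password", "robin", "hood"}

# Look-alike substitutions of the kind the "Letter substitution" tip warns about.
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                            "5": "s", "7": "t", "@": "a", "$": "s"})

def splits_into_words(text, words=COMMON_WORDS):
    """Return True if text is nothing but words from the list run together."""
    reachable = [True] + [False] * len(text)
    for end in range(1, len(text) + 1):
        reachable[end] = any(reachable[start] and text[start:end] in words
                             for start in range(end))
    return reachable[-1]

def letters_only(text):
    """Lower-case the text and drop everything that is not a letter a-z."""
    return re.sub(r"[^a-z]", "", text.lower())

def weak_patterns(password):
    """List the weak habits from the tips that this password shows."""
    findings = []
    if len(password) < 12:
        findings.append("shorter than 12 characters")
    plain = letters_only(password)
    undone = letters_only(password.translate(LOOKALIKES))  # substitutions reversed
    if plain and splits_into_words(plain):
        findings.append("only common words")
    elif undone and splits_into_words(undone):
        findings.append("common words with look-alike substitutions")
    if password[:1].isupper() and sum(c.isupper() for c in password) == 1:
        findings.append("only the first letter is capitalized")
    symbols = [i for i, c in enumerate(password) if not c.isalnum()]
    if symbols == [len(password) - 1]:
        findings.append("single symbol stuck on the end")
    return findings

if __name__ == "__main__":
    for candidate in ("brownhorse", "Br0wnh0rse!", "robinhood&hismerrybandofthieves"):
        print(candidate, "->", weak_patterns(candidate) or "no weak pattern found")
```

An empty result only means none of these specific habits was detected against the supplied word list, not that the password is strong.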
Overall, generating strong and memorable passwords is not too difficult. Unfortunately, a user may be forced to remember a bunch of them at a time, which makes things rather more complicated. In such cases, users are often tempted to just devise one strong password and use it across the board. It is important to remember that this is an exceedingly bad idea, because as soon as such a password is figured out, the attacker could gain access to all of the user’s online profiles that share that password. This is why users should refrain from recycling passwords at all costs.
Using different, strong and unique passwords for all the accounts you have now is impossible. That’s why you need to use a password manager. Password managers securely store all of your passwords in one place and grant access to all of your sites and services with one single master password.