As the internet has grown to fight back against password crackers and other hackers, they’ve fought back just as hard. The introduction of CAPTCHA presented a huge roadblock for password thieves, but methods such as OCR (optical character recognition) have helped defeat it.
Now more than ever, having the most secure password is crucial. Two decades ago, common advice would be to simply never use a dictionary word as your password. Today, it’s much more complex than that.
Until the adoption of alternative methods of account security, proper password etiquette can save you countless hours of headaches and frustration. In this article, let’s discuss three methods that you can use to create strong and secure passwords.
Using a Secure Password Generator
For many, the best solution to creating the most secure password is actually to not create one yourself at all. Relying on a random password generator, be it through a site like Random.org or a tool such as LastPass, guarantees a quick way of creating an unlimited number of secure passwords.
We suggest that you create a password at least 12 characters in length, using all of letters, numbers, and symbols. Some sites will limit your password length and restrict the use of symbols, but those can be handled as special cases when you arrive at them. Don’t limit your overall security just because of a few fringe outliers.
This is a solid method because it guarantees that your password will be incredibly secure, but it comes at a major cost: How will you remember the password? For many, it comes down to these two options:
- Writing it down, either in a file or on paper
- Storing it in a password manager such as LastPass
However, both have potential downfalls. You can lose paper and your computer files can be lost or hacked, and what’s stopping your password manager from suffering a breach? After all, it has to be protected by a password, too.
On the upside, the best password managers offer multiple forms of authentication. For example, with LastPass, you can protect your account by both an account password and a two-factor authentication device that you can keep with you physically.
Using Sentences Or Phrases
Everyone remembers things differently. Some people have very photographic memories, while others will only remember something by repeating it over and over, hundreds of times.
However, it’s easy to agree that remembering a sentence is probably easy than remembering a random 16-character alphanumeric string. You can create strong and secure passwords out of sentences or phrases that you’ll never forget.
Here’s an example: “My first dog’s name was Albert. He was a white Labrador Retriever.”
Using the first letter of each word in this sentence, and each punctuation mark, we can create this password: Mfd’nwA.HwawLR.
Like using a generator or password manager, this again comes with a downside. If you intend to use unique passwords for every website, which you should, remembering which sentence or phrase is assigned to each is just as difficult as remembering your obscure passwords. However, you might be able to pull it off!
Using a Base
Using a password as a base to generate other secure passwords is a method that you won’t find discussed on many other sites, but we believe that it’s one of the best and most versatile ways to both remember an infinite number of passwords and use a unique password for (almost) every website or app.
Start by coming up with a base password. For this example, we’ll use this:
You will need to memorize the base password. To do so, you can even create a base that’s built off of our sentence method. Since the base password will never be a full password that you use, you can even write it down somewhere while you’re in the process of memorizing it.
Next, come up with a simple formula to create a short string based on the websites or apps you use. One method you could use is considering the domain name.
For example, Online Tech Tips’ domain name is online-tech-tips.com. Now, let’s take the first two and last two letters of the domain name, without the extension (.com), and add it to our base. We’ll use the first two letters as a prefix and the last two letters as a suffix.
Our password is now this: onaNT@qV$tk8kQps
Since every website has to have a domain name, this is a really solid method. However, you may want to modify this in the case of using mobile apps. For these, you can simply use the same trick while considering the app’s name. Like this, the password for your Discord app would be as follows: DiaNT@qV$tk8kQrd
The only drawback of this method is in the event that several of your passwords are somehow leaked to the same person. If they’re savvy enough, they may be able to figure out how you’re generating each password. In that case, they’ve effectively stolen them all.
If you’re not willing to use the single choke-point of a password manager, creating your own unique, strong, and most secure passwords is an extremely valuable skill. Regardless of your approach, sticking with it is very important.
The moment you become lazy or complacent and begin reusing passwords or making use of passwords that aren’t complex enough, your security is at risk.