Password strength has never been more critical, given the number of devices reachable over the internet. The majority of high-profile attacks usually include some sort of weak password that has been compromised in one way or another.
When creating a password, you’re usually encouraged to create something secure with at least eight characters, consisting of uppercase, lowercase, numbers and special characters. If you try doing this off the top of your head, you’ll probably struggle and either end up writing it down, ignoring the advice or creating something ridiculous like Password123, which obviously isn’t very secure (although it does meet the requirements).
Over the six years I’ve worked in IT, I’ve created a huge number of passwords and I think I’ve instinctively become good at remembering the random passwords that I generate. However, I’ve not always been this good at memorising random letters, numbers and symbols. So, how can you create something that meets the requirements whilst still being memorable?
A tutor of mine taught me a technique when I was an apprentice. It’s nothing new, but hopefully you’ll find it helpful!
The basic principle is to take something memorable to you and convert this into a secure password. I used song lyrics… see my example below (not my actual password…!)
For example, if you happen to be a fan of Freddie Mercury:
Is this the real life? Is this just fantasy?
becomes (if you take the first letter of each word):
You now have a basic, relatively secure password, which should be easy for you to remember and would take an average desktop PC 1000 years to crack. Adding a few more special characters or extra words could make it even more secure.
For example, adding ‘Caught in a landslide’ and a couple of ampersands, this becomes:
This would now take roughly 6 quadrillion years for the average desktop PC to crack.
Although this process looks complicated, it should be easier for you to remember a couple of special characters at the beginning, middle and end of some lyrics stuck in your head. As always, don’t use something obvious like your well-known favourite song, as this could leave you open to social engineering. Maybe choose a guilty pleasure nobody knows about!
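The first-letter technique and the stated requirements can be checked mechanically. The following Python sketch is an added example, not part of the original post: it builds a password from a phrase, reports which of the requirements listed above are missed, and gives an upper bound on brute-force effort. The function names and the sample phrase are constructed for illustration.

```python
import math
import string

# Requirements as stated in the post: 8+ characters, upper, lower, number, special.
CLASSES = {
    "uppercase": string.ascii_uppercase,
    "lowercase": string.ascii_lowercase,
    "number": string.digits,
    "special": string.punctuation,
}

def phrase_to_password(phrase):
    """Take the first character of each word, keeping punctuation that ends a word."""
    out = []
    for word in phrase.split():
        core = word.strip(string.punctuation)
        if not core:                 # token is only punctuation, e.g. "&&"
            out.append(word)
            continue
        trailing = word[len(word.rstrip(string.punctuation)):]
        out.append(core[0] + trailing)
    return "".join(out)

def missing_requirements(password, min_length=8):
    """Return the stated requirements the password fails (empty list = all met)."""
    missing = [name for name, chars in CLASSES.items()
               if not any(c in chars for c in password)]
    if len(password) < min_length:
        missing.insert(0, f"{min_length}+ characters")
    return missing

def brute_force_bits(password):
    """Upper bound on guessing work: log2(pool ** length) for the classes used.
    A password derived from a well-known phrase is weaker than this figure suggests."""
    pool = sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in password))
    return len(password) * math.log2(pool) if pool else 0.0

if __name__ == "__main__":
    phrase = "My first bike was red and cost 40 pounds!"   # constructed sample
    pw = phrase_to_password(phrase)
    print(pw, missing_requirements(pw), round(brute_force_bits(pw), 1))
    print(missing_requirements("letmein"))                  # constructed weak sample
```

The bit count assumes every character was chosen at random from the classes present, so treat it as a ceiling rather than a measurement.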