We all know we should have strong passwords. And yet… so many of us still use the same simple password we’ve been using for years. Even worse, we use the same password for multiple accounts!
In fact, a recent survey found that 44% of people rarely or NEVER change their password… even though 64% have “weak” passwords. This could be why 1 in 5 people have had their accounts hacked!
So, why don’t more people have strong passwords? And if you’re seeing yourself in this story so far, you’re probably wondering: how can I create stronger passwords?!
No worries, we’re here to help! Our theory is that most people think creating a strong password has to be complicated. They think they have to replace “Password12345” with something wacky like “xcv#@kLDSl21nR$k2”.
However, that’s simply not true!
What does a strong password look like?
Although it’s true that “xcv#@kLDSl21nR$k2” would be a strong password, it’s simply not necessary.
The “traditional advice” says that a strong password:
- Has at least 12 characters.
- Has at least one number, symbol, capital letter, and lower-case letter.
- Isn’t based on a single word or phrase.
- Doesn’t rely on easy-to-guess substitutions (like “h0rs3” instead of “horse”).
This is all true – but as it turns out, there’s a much easier way to create passwords that aren’t full of gibberish. They’re called passphrases!
The passphrase: Stronger and easier to remember than a traditional password
In reality, strong passwords should be both easy to create AND remember.
Remember, the point of a good password is to be hard for computers to guess – not hard for you to remember!
And, while it’s true that computers have a hard time guessing “xcv#@kLDSl21nR$k2”, they ALSO have a hard time guessing simple sequences of words put together – called a passphrase. Passphrases are just as good at defeating computer guessing as complicated passwords, but much easier to remember.
To create a passphrase, simply come up with a set of four words that aren’t obviously related to one another… for example, “French Apple Metal Tree”.
Now, put them together: FrenchAppleMetalTree
This is called a passphrase, and it’s actually incredibly difficult for computers to guess. Even better, you can come up with mnemonics to remember them. For this example, you could imagine an apple pie in a metal baking tray sitting under a tree in France – an image that will be much easier to remember than “xcv#@kLDSl21nR$k2”.
(Note: passphrases are NEVER full sentences, as this would be easy for humans to guess and could even be picked up by AI.)
You can add symbols or letters to make it even stronger!
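The recipe above as a short script, added here as an example and not part of the original article: the words are drawn with Python's `secrets` module instead of being picked by hand, and the bit estimate assumes a guesser who knows the word list and the number of words. `SAMPLE_WORDS` is a constructed 32-word list and the function names are illustrative; 7776 is the size of a five-dice Diceware list.

```python
import math
import secrets

# Constructed 32-word sample list, for illustration only. A real list should
# hold thousands of words: the list size sets how many guesses are needed.
SAMPLE_WORDS = (
    "french apple metal tree river candle pocket wagon "
    "lemon harbor violin cactus marble tunnel feather anchor "
    "button glacier pepper saddle lantern orbit quilt thunder "
    "walnut meadow compass velvet pickle ribbon shovel trumpet"
).split()


def make_passphrase(words, count=4):
    """Draw `count` words uniformly with the OS CSPRNG and join them CamelCase."""
    unique = sorted(set(w.lower() for w in words))
    if len(unique) < 2 or count < 1:
        raise ValueError("need at least two distinct words and count >= 1")
    return "".join(secrets.choice(unique).capitalize() for _ in range(count))


def passphrase_bits(list_size, count=4):
    """Bits of guessing work when every word is a uniform random draw."""
    return count * math.log2(list_size)


def random_password_bits(length, alphabet_size=94):
    """Same measure for a random string over `alphabet_size` characters
    (94 = printable ASCII without the space)."""
    return length * math.log2(alphabet_size)


def words_needed(list_size, target_bits):
    """Smallest number of random words that reaches `target_bits`."""
    return math.ceil(target_bits / math.log2(list_size))


if __name__ == "__main__":
    print(make_passphrase(SAMPLE_WORDS))
    print(f"4 words, 32-word list:   {passphrase_bits(32):.1f} bits")
    print(f"4 words, 7776-word list: {passphrase_bits(7776):.1f} bits")
    print(f"17 random characters:    {random_password_bits(17):.1f} bits")
```

Each extra word adds log2(list size) bits, so the number of words and the size of the list they are drawn from are the two things to check.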
This classic comic from XKCD sums up the situation brilliantly:
A strong password is only the first step
Now that you have a system for making strong passwords, it’s time to make one for each account you have!
This is because passwords should never be reused. That’s how data breaches cause problems – when you use the same password in multiple places, hackers will just hack the easiest place they can find, then use that same username/password combination elsewhere.
That’s why we highly recommend creating a new password for each website and account.
Okay – so now you have a system for creating strong passwords AND you know you need to make a bunch of them. But, err… doesn’t that mean it’s going to be difficult to keep track of all these new passwords (even if they’re easy to remember)?
Yup – and that’s where a password manager comes in handy!
Keep track of all those passwords with a password manager
A password manager helps you access your passwords quickly and securely across all your sites.
There are a few types of password managers. In fact, pen and paper is still preferred by many – just make sure it’s in a secure location, as losing that could mean serious problems.
For those who prefer pen and paper, we recommend the BookFactory Password Journal.
If you’re more tech savvy, then you might like LastPass. It’s a free password manager that stores encrypted passwords online.
Finally, here’s a tool you can use to check your password strength: http://www.passwordmeter.com/
On that tool, the example password (“FrenchAppleMetalTree”) scored 72% (Strong) – and if we add a symbol at the end, we get 100%!
Now you know how to create a strong password. Here’s to safer browsing!
Let’s summarize everything so far. To stay secure online, you should:
- Update your passwords regularly.
- Use passphrases if you want to create strong passwords you can easily remember.
- Use unique passwords for every account you own.
- Get a password manager if you have a lot of different accounts.
We hope you found this article useful!
Stephen Goodwin says
Why not create your strong password, say ‘correcthorsebatterystaple’ then put the first two letters of the site (that you are creating the password for) at the front and back?
For example, you want a password for your tax account, so that would be ‘tacorrecthorsebatterystapleta’ and the one for your bank account would be: ‘bacorrecthorsebatterystapleba’ and so on…
These passwords would be even harder to crack yet they would all be easy to remember without writing them down at all: no journal required!
GiddyUp says
This is brilliant! Thanks for sharing, Stephen – we’re going to update some of our passwords now 🙂
wrongway88 says
Just what I needed. Thank you.
Rod Smith says
Thanks for the Info
Sharon Mabrey says
Great advice! Thanks
Patrice Gregoire says
Very good trick thanks
GiddyUp says
Glad it was useful to you, Patrice!
willie says
it is very good
Hector Guzman Jr says
Made it easy to come up with a strong password. Thanks for the ideas.
Lois Ehrenfeld de Buren says
Love it! I have LastPass & another Google saver, but if I allow the saved computer-generated password to be used I sometimes find that the site I’m entering doesn’t accept the password, & of course I can never remember those passwords anyway. Thank you Stephen, brilliant idea.
Etty says
Like it
bryan charlewood says
Very useful info, will use next time I have to change a password