9 Rules for Strong Passwords: How to Create and Remember Your Login Information

How To Choose Strong password

Strong passwords are required for online security; nevertheless, you must develop separate passwords that you can remember; otherwise, you may fall into the bad habit of using the same login credentials for many accounts. According to LogMeIn, the firm behind the LastPass password organizer, if you count all of your social media, streaming, bank accounts, and applications, you might easily have 85 passwords for all of your accounts.

Tip of the Week: How to Make Your Credentials More Memorable

What Not to Do There’s a tricky balance to strike when devising a password. On the one hand, you want it to be sufficiently secure, but on the other, you don’t want to make it too difficult to get back in for yourself, either. This is probably the reason that so many password rules and best practices are broken and ignored: user convenience. Let’s take a look at the top 15 results of some data compiled by the United Kingdom’s National Cyber Security Centre with the help of the security website Have I Been Pwned, regarding the most commonly breached passwords: 123456  123456789  qwerty  password 1111111  12345678  abc123  1234567  Password1 12345  1234567890 123123  000000  Iloveyou 1234 Just glancing over this list, you can very easily see how a few of the simplest password quality rules are broken – common words, common number strands, and hardly any mix of alphanumeric characters. It is probably also a safe bet that a person who would use a password like this would also be the person to repeat their password across accounts. This means that if one of their accounts were breached, they all would be rendered insecure.  Of course, now that we’ve clearly outlined the problem, we have a proposed strategy to help fix it. Using a Truly Random Passphrase One way that you can improve upon password security is known as the passphrase. Instead of using random characters, random words are used, helping to make it both more complicated and easier to remember. The web comic xkcd does a good job of explaining it: However, this opens us up to new issues – like the very human instinct to stick to a pattern of some sort. Good for survival, not so great when you’re looking for true randomness. This is why an IT professional named Arnold Reinhold developed a new method of generating a passphrase, called Diceware. Taking a die, roll it five times, taking note of the numbers you’ve rolled. Whatever the 5-digit number you produced was, find it on the official Diceware word list. That is now the first word of your passphrase. Repeat this process until you have six or seven words in your passphrase. This helps eliminate human bias from the selection process, making this process about as random as possible. Demonstrating Diceware in Action Rolling a die, I came up with 45656. Diceware says that’s “pleat.” My next roll came up 13211. “Bach.” 34663, making the next word “Julie.” 32135 means the next word is “gulp.” 32565, for a final word “choice” of “Hera.”  So, my new passphrase is “pleatBachJuliegulpHera.” Gibberish, yet still far more memorable than the alternative system. Remembering All These Passphrases So, with the “random” part of our concerns addressed, there is still the concern that remembering so many different passphrases may be a bit much to ask. This is why we recommend that you combine your use of passphrases with the use of a password manager. These handy programs secure all of your passwords (or passphrases) in a secure vault, ready for you to access with a single, master password (or passphrase). As a result, as long as you can remember one passphrase, you can use the password manager to handle the rest of your accounts. For help in implementing all of this […]