Good Passwords You Can Remember

How do you pick a good password that is hard to guess or hack and that you can still remember? That is a dilemma we all face on a frequent basis.

Good Password Characteristics

Good passwords have at least some of the following characteristics:
  • They are at least 8 characters long. Generally the longer the password the harder it is to break.
  • Good passwords should be a mix of both alpha and numeric characters.
  • No words listed in any dictionary should be used. Hackers love this and even a PC can try thousands of dictionary words in seconds.
  • Passwords should be easy to remember so you don’t have to write them down.

Yeah, right, and how do I do that? Hang on and I will show you some ways to create good passwords that you can remember.

Password Hacks/Attacks

There are 4 basic ways to break a password.

  • Any password can be broken given enough time and computer cycles. This is called a brute force attack. Generally the longer the password the longer it takes to break it.
  • Dictionary attacks – The hacker just tries all or many of the words in the dictionary, usually starting with the short common ones like “cat”, “dog”, etc.
  • Personal attacks – A hacker doesn’t have to know you personally to use this kind of attack. He just needs your phone number, name, address, etc.
  • Insider attacks – someone at work sees your password written on a piece of paper, sees you type it in, or heaven forbid you give it to someone. No one can protect you against the last one but you.

How to Create Good Passwords You Can Remember

We need good passwords so that they are difficult to break, hack or guess. That way the hacker will go on to someone else and leave you alone.

Random and meaningless character strings or long numbers are hard to break. If you have a very good memory, so you don’t have to write it down, these random strings or numbers make good passwords if they are at least 6-8 characters long, like “abrzxtyn”. The problem is that even at just 8 characters these strings are hard to remember for most of us. If you have a very good memory, go for it, but don’t write it down and don’t forget it.

What if you could take a common number that is easy for you to remember and convert it into a number that is as long as you want and meaningless to anyone else? You can.

Take two words from the dictionary that are at least 4 characters each. I know I said don’t use words out of a dictionary – hang on. Now reverse the order of the letters in each word. Example – “dump” and “blade” yield “pmud” and “edalb”. Now put them together: “pmudedalb”. Most of us can remember two words with a little effort.

Suppose your street address is 2572 some street, USA. Take the reciprocal, i.e. 1/x, of the numeric address: 1/2572 = 3.8880248833592534992223950233281e-4. Drop the decimal and take as many digits as the system will allow for your password, like the first eight digits: 38880248. All you have to remember is your street address and 1/x. Now even you don’t know your password until you need it. When you are ready to change your password, just use the reciprocal with, say, your grandma’s phone number.

Or how about x^2/squareroot(x), where x is a number you can remember, like grandma’s phone number? Again, drop decimals if need be.

Oh, by the way, since most of the methods above usually yield long numbers, if you need multiple passwords for systems that require or allow different password lengths, just use that same long number and take the first x digits, depending on the maximum password length the system allows.

What a deal. One number you can remember, one little old formula like 1/x, and you have lots of passwords, and even if you have to do division by hand (who does that anymore?) you can always determine the right password.

Ok, now if you really want to drive the hackers nuts: take that number you can remember and convert it to a different number base like binary, octal or base 12. Most calculators will handle at least some of these conversions. Take the imaginary phone number of 2254971. Convert it to binary (base 2): 10001001101. That’s 11 digits, and even though it’s only 0’s and 1’s, the hacker has to get those 11 digits in exactly the right order. Guessing your phone number does the hacker no good unless he also knows you converted it to binary or base 2.

One more example – suppose you pick a number that you can remember and convert it to base 15 or base 11 or base xx – that number is now C87E66B7. The best of all worlds – characters and numbers, eight places long and totally meaningless to anyone but you unless you write it down somewhere.

Now that you have the idea, you can create your own methods. Just remember: follow the rules for good passwords and don’t share the methodology or function you used to generate your password. Even if they know some of your easy numbers, it will be very difficult to determine your password. Most hackers won’t waste the time; they will go on to someone else.
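
The derivations above, written out as an added example (not code from the original page): reversed words, reciprocal digits by exact long division, and base conversion, with each result checked against the page's own length and letter/digit rules. The function names are made up for this example, and the dictionary-word rule is not checked.

```python
# Added example: reproduces the derivations on this page and tests each
# result against the page's own rules (at least 8 characters, letters + digits).
ALPHABET = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"

def reverse_join(*words):
    """Reverse each word's letters, then concatenate ("dump" + "blade")."""
    return "".join(w[::-1] for w in words)

def reciprocal_digits(x, n):
    """First n significant digits of 1/x, by exact integer long division."""
    if x < 2:
        raise ValueError("x must be an integer of 2 or more")
    digits, rem = [], 1
    while len(digits) < n:
        q, rem = divmod(rem * 10, x)
        if q or digits:              # skip the zeros right after the decimal point
            digits.append(str(q))
    return "".join(digits)

def to_base(n, base):
    """Write the non-negative integer n in the given base (2 to 36)."""
    if not 2 <= base <= 36 or n < 0:
        raise ValueError("need n >= 0 and 2 <= base <= 36")
    out = ""
    while True:
        n, r = divmod(n, base)
        out = ALPHABET[r] + out
        if n == 0:
            return out

def rule_failures(pw):
    """Return which of the page's checkable rules the password misses."""
    failures = []
    if len(pw) < 8:
        failures.append("shorter than 8")
    if not any(c.isalpha() for c in pw):
        failures.append("no letters")
    if not any(c.isdigit() for c in pw):
        failures.append("no digits")
    return failures

if __name__ == "__main__":
    for pw in (reverse_join("dump", "blade"), reciprocal_digits(2572, 8),
               to_base(2254971, 2), "C87E66B7"):   # last value is quoted from the page
        print(f"{pw:24} {rule_failures(pw) or 'ok'}")
```

Run as a script, it lists each derived password with the rules it misses. `to_base(2254971, 2)` returns 22 binary digits, of which the 11-digit string quoted above is the leading 11.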

Now you have passwords you can remember and that meet all or most of the requirements for good passwords.