Creating a Secure and Memorable Password

With my impending job change, I think it’s about time I create a new password. I haven’t had a new password for many years (horrible, I know). I have tried a few over the years but they’ve all been thrown to the wayside in the way of my current password (which is an awesome one, just old).

After a quick spot of googling I found this page at Microsoft.com. This is a simple article yet it helps the layperson work out a secure and memorable password. I do however have a few gripes with Microsoft’s method. I don’t like the first letter idea as it’s not a password you can pronounce. I like a password I can rattle off like a word in my head; I find this makes it easier to remember. My current password is like this with a few numbers thrown in the mix and special characters surrounding it. The special characters up the complexity (in turn reducing the guessability) of the password considerably, yet once you know them are easy to remember. See this article on why special characters are so useful in passwords. Particularly note this section:

Introducing at least one “special character”, makes the password extremely difficult to brute force, usually the bad guys don’t even try brute forcing trying any special characters, as it takes an impossibility long time to try all the combinations inclusive of special characters.

I prefer to use a series of consonants with a few vowels thrown in. I like to take Microsoft’s method (Take a sentence or two: “What a lovely day today is”) and grab the first few letters (whatever suits your taste) to form something along these lines: whalodatodis. From this you can throw a number somewhere in the mix (most people put their numbers at the end, so naturally I don’t suggest you put them there!). Try something like whalo1dato6dis. From here you can use special characters where you like. I quite like to encapsulate things in parentheses or similar, achieving something like this: [whalo1dato6dis] or even whalo(1dato)6dis if you’re feeling adventurous.

Feel free to shuffle things around as necessary. As you can see this presents something you will eventually be able to roll off the fingers - it may take a few days to master! My current password is also effective in that it works left to right on the keyboard, so the lack of touch-typing skills I posses is not a problem.

Written on July 13, 2010