I’m a security editor and this is how I create strong passwords that are also easy to remember
Just because a password is easy to remember doesn’t mean it’s less secure if you follow these tips
As the number of online accounts and services we use everyday has increased significantly over the last few years, you may find it difficult to come up with strong and unique passwords for each of them.
Unfortunately, this leads many people to reuse passwords across multiple accounts which puts them at a much higher risk of being hacked. The reason being is that if a hacker gets the credentials for one account, they will try to use them to access your other accounts through a process called credential stuffing.
While you can use one of the best password managers to not only store all of your passwords securely in one place but to generate new, strong passwords that are harder to crack, not everyone wants to use a password manager — especially after the recent LastPass hack.
Even though all of the top password manager companies and even some of the best antivirus software firms offer free password generators online, you can also create strong and unique passwords on your own. These are some of the tricks I use when coming up with strong passwords for my online accounts that are also easy to remember.
Every account needs its own password, use this to your advantage
People often use the names of loved ones, pets, their favorite sports team or other personal information in their passwords. While this makes their passwords easier to remember, it’s a terrible idea.
Whether you like it or not, a lot of personal information about you can easily be gleaned from the web. For instance if someone adds you on Facebook, they now know your favorite movies, books, sports teams and more which they can use when trying to guess your passwords.
Since you need a strong, unique password for each one of your online accounts, why not use the name of the service or what it does instead. I’m not talking about simply using “netflix1234” for your Netflix password. Instead, you can use parts of the service’s name like “net” or “flix” or even the whole name — granted you break it up with an underscore or use a mix of capitalized and lowercase letters.
With enough symbols, numbers and uppercase and lowercase letters, you can create a strong password that’s also easy to remember. Just be careful about sharing your Netflix password if you don’t want to pay more for the service.
Use an underscore between words or parts of words
When it comes to making your own strong passwords, underscores are your friend. An underscore or a “_” is a great symbol to use between words or parts of words.
Going back to our Netflix example above, you could break up the service’s name into two parts using an underscore like this: net_flix. Capitalize the first letter of each part (Net_Flix) and you’re even closer to having a strong password that’s easy to remember.
To make it even harder to crack though, you can also mix up where you capitalize the letters in each part of Netflix like this “nEt_fliX”. I’m guessing some people already use the names of services or companies as their passwords but by mixing up the letters and their capitalization while using plenty of underscores or other symbols, you will be able to remember your password but hackers will have a much harder time guessing it.
Check the time to add numbers to your password
Besides a mix of uppercase and lowercase letters and symbols, your passwords also need numbers to help make them more secure.
While people often use their birthdays, a loved one’s birthday or the year they graduated, I recently came up with an even better idea when changing one of my own passwords.
As I was putting the finishing touches on my new password, I knew I had to add some numbers at the end. Instead of picking a random series of numbers, I looked at the smart display under my monitor instead. I knew the time it displayed at that exact moment wouldn’t be easy to guess so I added it to the end of my password.
Let’s add some numbers to our Netflix password from earlier. So instead of just “nEt_fliX” it now reads “nEt_fliX_1038” as the current time as I’m writing this is 10:38. Since I use 24-hour time on all of my clocks, it gives me even more number combinations to work with.
Even strong passwords become less effective over time
So now you know how to create strong, unique passwords for all of your online accounts that are also easy to remember. Keep in mind though that passwords become less effective over time even if they’re as strong as can be. The reason being, your passwords could have been exposed in a data breach.
Data breaches happen and since hackers and cybercriminals often target large corporations and businesses, there’s nothing you can really do about it. However, you can stay a step ahead of hackers by frequently changing your passwords. In a blog post, the cybersecurity firm McAfee recommends you change your passwords every three months. Can’t remember the last time you changed your password? Easy – set a calendar reminder each time you do so you’ll be prepared for your next password change.
If this is your first time trying to come up with strong passwords on your own, you can also use a service like PasswordMonster’s Password Strength Meter to check the security of your new password before you change it. What I like about this service is that it also tells you how long it would take a hacker to crack your new password.
For instance as you can see in the picture above, our Netflix password example would take 3 million years to crack. There are plenty of other similar services out there, just make sure they openly state that they don’t store your password ideas, though it might be best to tweak them slightly before changing your current password.
When in doubt though, it’s still probably best to use a password generator. However, this is one option to consider if you don’t want to use a password manager or think that these long, complex, nonsensical passwords rife with letters, numbers and symbols will be so difficult to remember you’ll want to write them down on paper which is another thing to avoid.
Interested in the tricks hackers you use in their attacks? Here's why you want to be extra careful when you see an email about an unpaid invoice in your inbox.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Here at Tom’s Guide our expert editors are committed to bringing you the best news, reviews and guides to help you stay informed and ahead of the curve!
Anthony Spadafora is the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to password managers and the best way to cover your whole home or business with Wi-Fi. Before joining the team, he wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.