Easy Ways To Create Tough Passwords

Last week Twitter discovered a breach in their system that could have allowed someone to download the passwords of every user of their platform. They send out a message recommending that everyone change their passwords as a just in case measure, while indicating that they didn’t think anyone else had discovered the issue.


geralt @ Pixabay

There was a lot of grumbling about it; not the breach itself but in the need to create new passwords. I understand it; I hate changing passwords all the time myself. However, I don’t think my issue is the same as the issue of many others.

Most of the complaints I saw online were about having to find a way to remember the new password because too many people use the same exact password for almost all the sites they visit. That’s almost as lazy as creating easy to break passwords, but once again I can identify with it… sort of.

In the early days of being online, we didn’t have all that many people breaking into systems to steal passwords. Thus, I always used the same username and password for all the sites I joined. This was in the days before we did things like online banking and social media outside of blogging; the late 90’s felt like kindergarten compared to what we have now.

What we have now are people with both technology and grit who are trying to break into sites where we’ve stored passwords to help things move along faster. How many times do we have to read where people’s Twitter accounts, blogs, iPhone storage accounts or other social media sites have been hacked before people start taking security seriously? Making it easy for your information to be discovered is lunacy.

I’m here to help… as always! 🙂 I’m going to offer some suggestions for creating “harder” to break passwords that should end up being easier for you to remember that will afford you a bit more comfort on the back end.

Before I go that route, I want to remind anyone using a WordPress blog or website that you can protect your site better by using a plugin called Limit Login Attempts Reloaded. It used to have the same name only without “reloaded” but that version wasn’t updated and this one is… working the settings are exactly the same and I hope you think about my recommendations from this post written just last year.

For everything else, we’re shooting for passwords that are at least 14 characters; most of mine are 16 or more. Let’s get started!

1. If you have at least 3 favorite TV shows or movies, you’ll probably know of relatively long names in some of those shows that aren’t necessarily obvious. It doesn’t even have to be a favorite; just something that sticks out for you.


ErikaWittlieb @ Pixabay

For instance, even though I wasn’t overly crazy about this movie, Dark Crystal gave us the word “gelfling”. It’s uncommon and not a word anyone would guess outright (unless it’s your favorite movie and you’ve told everyone about it) so it’s a good first step. Capitalize a couple of those letters to make it harder to crack.

2. I hear you now; “hey, that’s only 8 characters”. True, but we’re not done yet. If Dark Crystal was your movie, you can add a number code to it that should also be easy. Take the word “dark” for example. The number equivalent for that word is 4-1-18-11. If you added that to either the beginning, middle or end of gelfling you’d have a 14-character password that you’d probably remember.

3. You can also make it a bit harder by looking at a longer word like “crystal” and leaving out the vowel. This makes the numbers 3-18-25-19-20-12. Adding that to gelfling makes it a 19-character password; it’s harder to remember than the first one but all you’d have to remember to remind yourself of what it is would be the word “crystal”. If you needed to add the “1” to the mix that’s fine also; an extra character never hurts.

4. A lot of people like adding symbols to their passwords. Things like @, $, and ? work nicely, but some sites don’t accept symbols. The other problem with this is that most people use them in places where they make too much sense to use them, such as @ instead of “a” and $ instead of “s”. Not only should you break that up but putting multiple characters in a password is smart to do if you can remember where you’ve put them.

5. While thinking about favorite shows, why not put together the names of your favorite characters from different shows or movies? For instance, one of my favorite movies of all time (actually, it’s ranked #1 for me lol) is Independence Day, and I love Will Smith’s character, whose name is Steven Hiller. Another favorite movie of mine is the Muppet Movie (go ahead and laugh!), and my favorite Muppet of all time is Kermit the Frog.

If I wanted to, I could go with something like “HillerKermitFrog” as a password and add a couple of numbers or symbols to it. It’s something I’d easy remember because I’d easy remember what I based my password off (this isn’t my password so don’t try lol). For instance, I could add the numbers 96 and 79 to it, which are the years both movies came out. That’s a pretty strong 20-character password that would take someone a lot of time to crack, especially if I threw in a symbol or two.

6. Think about using a favorite phrase or saying. I don’t know anyone who doesn’t have a favorite or memorable quote or line from a movie, book or song. If you remove the spaces, that would be a fairly tough password to crack. That’s because people may know phrases, but the software created to crack passwords don’t know phrases. Even if they do, changing up something here and there by adding capital letters will stall the process.

For instance, one of my favorite phrases is from a Bugs Bunny cartoon: “I ain’t never done nothin’ to no one who ain’t done nothin’ to me first.” Yeah, it’s silly and stated incorrectly, but it would make a great, long password. Imagine doing something like this: IaintneverdoneNothintonoonewhoaintdoneNothintomefirst. That’s 52 letters; what program is going to crack that one quickly… if ever? That and there’s only 3 capital letters in it; from my perspective this would be easy to remember.

It doesn’t have to be a quote as long as this one; it just has to be memorable to you. What about ItwasthebestoftimesItwastheworstoftimes? This one’s 39 letters, and one of those most famous quotes in history (whether or not you read the book). If your quote is from a book less well known, a movie that’s stuck in your mind, a song lyric… it’s a better password than “password” any day of the week! 🙂

Those are just a few ideas to show how simple it actually is to create tough passwords to help protect yourself across the internet. You might think about musical artists instead of movies, athletes instead of actors. Just don’t make it so obvious that your friends could figure it out; that negates the entire process. 🙂
 

Digiprove sealCopyright secured by Digiprove © 2018 Mitch Mitchell

24 comments on “Easy Ways To Create Tough Passwords

  • Interesting, you use a similar approach to creating passwords as I do.

    My format is:

    (NAME OF SOMETHING I REMEMBER) (SYMBOL i.e. / $ or #) (NUMBER COMBINATION (SYMBOL) (NAME OF SOMETHING I REMEMBER)

    Reply
  • Kundan Maurya says:

    Very creative ideas to create tough passwords. Thanks for sharing this type of posts.

    My approach- [any symbols]+[name of the things]+[some numbers]

    Reply
  • This approach is exactly what i have right now with my current password but from what i have heard and after the wiki leaks revalations i dont think so passwords matter.
    NSA knows loop holes to our devices that give them direct access so it does’nt matter.
    thats what i think

    Reply
    • The point here is to protect yourself from those folks looking to try to steal your passwords for monetary gain. The government is a much different beast to deal with; we all know they have programs that could get into our computers in a heartbeat; I think one was called Carnivore. Still, you can even delay the government for a short period of time; it’s better than doing nothing.

      Reply
  • The password strength is very important in order to protect our online accounts. It should be alpha-numeric, mixed with numbers, characters, and special characters. I always create unique passwords which are created based on my personal interests, hobbies etc.

    I appreciate the tips you shared in this post. They are very informative and useful.

    Take care,

    Reply
  • Hi Mitch, Websites usually don’t allow unlimited tries to log in. But most of the time passwords are being hacked using a different way anyway. Usually, the attacker gains access to a copy of the password database of a website. If the passwords are saved in plain text, his work is done. But in most cases, these databases only contain hash values of passwords. A hash value is generated by putting the password into a hash function. What’s special about the hash function is that it can’t be easily reversed. It is easy to compute the hash value for a password but to get a password that belongs to a hash value, you need to try all possible passwords until you find that one that generates that particular hash value. When you log in to a website, your password is sent to the server, but never saved on it. The server takes you a password and computes its hash value. If the computed hash value is the same that is saved in the database, the server knows that the password is correct.

    You have given nice information thank you.

    Jeevan Shetty
    Jeevan shetty recently posted…Anand Ahuja Wiki | Netwoth | Family | Age | Lifestyle | Business-WalikaliMy Profile

    Reply
    • Interesting information Jeevan. Most users luckily won’t have to worry about that much detail unless it’s their own websites. You can never stop someone who’s determined to break into your site by any means necessary, but making it hard on them makes them shoot for the low hanging fruit and might encourage them to leave you alone.

      Reply
  • Sometimes this password things make me laugh. Sure we need to make it almost unbreakable but for some people like me, “difficult” password potentialy make a problem in the future because I rarely remember unique password (Let’s say 1 account 1 password).

    One trick I use is using same (difficult) words in the beginning and followed by name of the domain for example mydifficultwordfacebook, or mydifficultwordtwitter. By doing that I only need to remember 1 word, that is my difficult word.

    Thank for sharing anyway
    Kate Mitchell recently posted…How to Lose 20 Pounds in 2 Months The Right WayMy Profile

    Reply
    • Easy can be defined in many ways. My hope with this post was to show people that easy to remember things can also be long and hard to crack. Nothing’s perfect but longer is better.

      Reply
  • Fun article, will definitely use .5 (name of movie, name of main character, date the movie came out..) I never thought of it hahaha this is great

    Reply
  • I must admit, I’ve never thought of an easy but hard password LOL I guess because I switch so many emails all the time, it get blinded by all the password changes.

    One thing I like to do is choose the first thing I see when I look around, and then I pick the next thing and marry the two with a random number 🙂
    Rob P. recently posted…How Do You Dispute Something On Your Credit ReportMy Profile

    Reply
  • James Lance says:

    Interesting article, the problem is that with so many different sites to join these days, the number of different passwords that you require is getting larger and larger. I generally use the same base and then add different random number and symbol combinations, although this can make it difficult to remember for each site.

    Reply
  • I was using only numbers and words for a few years but then I realized the value of adding special characters and making the password tougher. But your article goes into more deep on securing it more better way. Good Article I will use your technique now.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

CommentLuv badge