Great article from Barbara Marie Brannan on the problem with passwords.
This is wrong:
- The longer the password, the harder it is to crack. Consider a 12-character password or longer.
- Things to avoid: Names, places, dictionary words.
- Mix it up. Use variations on capitalization, spelling, numbers, and punctuation.
See the problem? Those kinds of passwords are difficult to remember. Put bre7E$ret98:!aZ into Password Checker Online and it gets an Excellent evaluation and a Strength at 99-percent. But it’s also impossible for most of us to remember the password, and since reusing a password is bad practice, we need many such complicated passwords, hence we need password managers.
The better solution:
Maybe you can find it easy to remember a sentence like “The first house I ever lived in was 613 Fake Street. Rent was $400 per month.” You can then turn that into a password by using the first digits of each word, so your password would become TfhIeliw613FS.Rw$4pm. This is a strong password at 21 digits. Sure, a true random password might include a few more numbers and symbols and upper-case letters scrambled around, but it’s not bad at all. You just need to remember two simple sentences, so it’s easy to remember.
Such a method also scores high on the Password Checker Online password security rankings.