How To Create Secure And Easy To Remember Passwords

Background

For my Cybersecurity class, I had the opportunity to do an extra credit assignment that would teach a concept of internet safety to an audience that may not be familiar with it. I decided to do my assignment on how to create secure and easy-to-remember passwords that would be easy for someone who has vision loss to type and remember, and today will be sharing a copy of my assignment so that others can learn from it. Sorry in advance if you want French fries after reading this post!

Why using the same password is a bad idea

I know it can be tempting to use the same password for everything. It’s easy to remember and makes logging into websites so much faster. But don’t do this! If someone figures out the password to one account, then everything can be compromised. This is especially dangerous for email accounts, as if someone was able to get the password to a user’s email account, then they could change the passwords on all of the other accounts as well.

Some fun facts on guessing passwords

For a user that uses a password that contains a word in the dictionary, a password with 6-8 characters can be guessed by a password-cracking program in about thirty minutes. By adding things such as letters, numbers, and symbols, the time to guess a password increases to be several hours, days, weeks, months, or even years.

Creating a base password

One of my favorite tips for how to create secure and easy-to-remember passwords is to use a base password that changes for each website, adding characters, symbols, numbers, and other things to make it secure and unique. To demonstrate what this looks like, I will use the base password “frenchfries“.

Capitalization

Adding capital letters, especially at different intervals, makes passwords more difficult to guess. “frenchfries” can be upgraded to “FrenchFries” or “FrenchFrieS“, which is more difficult to guess while being easy to type.

Replace letters with numbers

Replacing letters with similar looking numbers within a word can help with security, especially if there are alternating numbers and letters. Using the “frenchfries” password, users can replace the vowels with corresponding similar looking numbers, so the password would be “fr3nchfr13s” instead. That would be much more difficult to guess, even for a machine.

Symbols

Adding symbols can help make passwords more secure too. For users that use modified keyboards, pick easy to reach symbols such as periods, quotes, exclamation points, or similar. Bonus points for combining numbers and symbols. Our base password can be improved by adding just one symbol, but more is always good. Some examples are “?frenchfries“, “frenchfrie$“, or “french.fries”.

Add an extra word or letters

Remember how a program could guess a short password in 30 minutes? Add on a few extra letters or words, maybe even creating a sentence for a password. Examples could be “omgfrenchfries” or “ilikefrenchfries“.

Add the website name

Here’s a cool password trick I learned to make passwords longer. Add the website name to the end of the base password so the password is easy to remember, yet different for each website. Bonus points for adding a symbol or capital letter! If I was logging into Twitter, my password could be “frenchfriestwitter” or “frenchfries.Twitter” to make it unique.

A note on password management software

There are many great password management and generator software, such as LastPass. However, if you frequently use accounts on devices that are not your own, such as in a computer lab, I would caution against having this software generate passwords, though having it store passwords is fine. It’s also worth noting that select websites may not support using password management tools- my university and bank are two examples of websites that do not support this.

Summary of how to create secure and easy to remember passwords

It’s important to use different passwords on websites and avoid using the same password, so that if there is a password leak, not all accounts are compromised
A password with 6-8 characters can be guessed by a password cracking software in about 30 minutes
One way to create secure and unique passwords is to have a base password and have a different version of that for each website
Add capital letters to the base password, or replace letters with numbers
Add an extra word or letters to the base password
Add the website name to the beginning or end of the password
Avoid having password management software generate passwords, as this can be difficult to use when accessing websites from other devices, i.e in a computer lab