In the online world, security plays a role in all online activities. Passwords are the most commonly used method to limit access to specific people. In my previous article I discussed assessing the relative value of systems protected by passwords, and grouping passwords across locations with similar trustworthiness.

In a nutshell, don’t bother creating and remembering strong passwords for low value systems, and certainly don’t use the same passwords for low value systems that you use in high value systems.

In this article, I’ll discuss how to create a strong password, and how to keep track of all your strong passwords, if you have a definite need to keep more than a couple.

In a nutshell, don’t bother creating and remembering strong passwords for low value systems, and certainly don’t use the same passwords for low value systems that you use in high value systems

Creating memorable strong passwords

A strong password is made up of several different types of characters, and isn’t a name or word in a dictionary. Many systems that require strong passwords will check any password you try to create against a set of rules. These rules often specify a minimum length, and that your password includes characters from at least three of the following four groups:

Character Groups

The exact list of allowed symbols vary depending on the system. Some systems allow spaces in passwords, while others don’t. A particular system might also have an international character set that includes other letters or characters.

Time after time, people forced to use strong passwords come up with some gobbledygook thing like “v7GT%Xz2.” Leave a computer to generate a password for you, and you could well end up with something like that. And the next thing that happens is they’ve forgotten it and need to call the administrator for a new one. It’s certainly a strong password, but if you can’t remember it, and don’t store it in a safe place, it’s not an effective password.

I suggest using one of three strategies for creating strong passwords you can remember:

1. Create a password using a mnemonic device
2. Create a password using a word list with some variation
3. Create completely random passwords and store them securely.

Use a mnemonic device

Remember learning about mnemonics? Not Ebonics, that’s something different. A mnemonic is a phrase or word to help you remember complicated or otherwise difficult to remember data. For example, ROY G BIV tells me the colors of the rainbow: Red, Orange, Yellow, Green, Blue, Indigo, and Violet—the letters in the name give you the sequence of the colors.

You can make up a phrase to remember a password, or make up a password based on a phrase that means something to you and nobody else

Jesus Christ Made Seattle Under Protest. No, not because there’s so many heathen folk running about—this is a local mnemonic for remembering the order of downtown Seattle’s streets, from south to north: Jefferson, James, Cherry, Columbia, Marion, Madison, Spring, Seneca, University, Union, Pike, Pine.

You can make up a phrase to remember a password, or make up a password based on a phrase that means something to you and nobody else. For example, our earlier “vhGT%Xz2” could become “Ve haven’t Gotten Ten percent Hex sleep, too!” or some similarly silly meaningless phrase. Our brains are capable of easily substituting one symbol for another. I wouldn’t trust this phrase for a password I only used occasionally, but for one you use several times a day, you’ll remember it in no time.