Every time a data breach happens, we mull over the susceptibility of the internet and consider changing our passwords. However, considering the time and mental energy needed to do a complete overhaul of all our account logins, at the end of the day, we still use our favorite passwords and tell ourselves “I won’t be that unlucky” to encounter a hacking incident. 

Does that describe your situation? You’re not an isolated case. According to a 2018 year end report, only one out of four Americans change their passwords after being informed of a data breach. 

To create strong passwords, cybersecurity experts tell us to:

  • Use up to 12 characters or longer
  • Avoid words from the dictionary, names, and places
  • Mix varied characters. Lower case, upper case, numbers and special characters
  • Not use birthdays, anniversaries, and other relevant character combinations
  • Not use passwords that came up on data breach lists. 

These rules work well, but the result is a truly random password that is hard to recall. It is difficult to find the balance between the necessity of a highly secure password with the utility of easily remembering them. That’s why even though it’s common knowledge that using a strong password is essential in keeping online data safe, but a lot of people still follow poor password hygiene—reusing weak passwords across accounts.

Below are three methods to create a secure password you can remember without resorting to password listing:

Take a sentence and turn it into a password

This is an effective way of creating strong passwords suggested by cybersecurity expert Bruce Schneier back in 2008 and still useful today: Create passwords from memorable sentences. People are better at remembering poems, life quotes, song lyrics or other unique sentences than random jumbled characters. You can try using every first letter of every word in the sentence and then add numbers, symbols, uppercase and lowercase.

Use a passphrase

You may have heard of passphrases. Some apps, such as Bitcoin promote the use of a 12-word seed for account access. The advantage of passphrases is—they are very long. This means they would take longer to crack using brute force. For example, the randomly generated passphrase: “expelled o girls vary ensure tariff billion careful gesture advisers frame pounds” has an approximate crack time of 1.2,978,794,473,171,561e+51 centuries.

When creating passphrases, you should follow these suggestions to make it harder to guess:

  • Keep it as long as possible (12 words)
  • Do not use names of your favorite celebrities, days of the week, or other common words. 
  • Avoid using phrases from famous literature
  • Do not use easily-typed spatial words such as qwerty or aaaaaaaa
  • Add special characters or symbols

Create strong passwords from keyboard patterns

Another method to create non-dictionary keywords is by taking advantage of your keyboard. Choose an initial key and draw your favorite patterns such as geometrical shapes, initials, constellations, and more. For example, a simple V-shape pattern could get you: “1qazse4”

You can easily add uppercase and special symbols by adding a shift key pattern to your desired shape. For example, using the initial key “3” from your keyboard and tracing a simple pyramid shape while alternating on the shift key would get you: “#rGnKo)9*7^5$.” Meanwhile, utilizing the same initial key and shape, you can use the shift key in every three characters which would get you “#rgNko)98&65$”

Other Solutions

Another way to make your online data secure is by using password managers or login security platforms such as single sign-on and multi-factor authentication solutions. Single sign-on allows users to utilize a single set of login credentials to several platforms. This promotes the use of a single strong password instead of multiple weak ones. On the other hand, multi-factor authentication requires the use of other authentication methods aside from the password  to permit access. 

However, any of the above methods would still require you to create at least one master password. Eliminate passwords with TraitWare, a passwordless single sign-on and multi-factor authentication solution for your logins. Instead of passwords, TraitWare leverages on your mobile device biometrics to authenticate your logins. You don’t need to worry about your passwords getting hacked if you don’t have them.