How to create a secure password that you can remember

Jorge Alvarez

It's the eternal struggle: creating a strong password that is hard to crack yet easy to remember.

We are usually forced to use random uppercase and lowercase letters, numbers and symbols, and the password has to be at least 8 characters long.

All of that is very good for security but very bad for our brains. If you try to remember something like HP2Epzo&BTPuyQV, chances are that you will end up writing it down on a piece of paper.

So here is the trick I use to generate passwords that are easy to memorize.

Use letters from a sentence

It has the perfect balance between security and memorability.

Think of a sentence that you remember from a movie or from a song that you like and then use the first letter of each word to create the password.

To add an extra level of security you can:

  • Use the last letter from each word.
  • Alternate between the first and the last word.
  • Substitute one letter with a symbol like: # $ % & * . ,
  • Add numbers to the sentence if there are none.
  • Think of a song you don't like yet you know the lyrics instead of one that you like.

... be creative.

These are a couple of examples using Iron Maiden songs.

Fly on your way like an eagle, fly as high as the sun.

The resulting password is: foywlaefahats

Let's improve it a bit:

With an ampersand to join the two sentences: foywlae&fahats

Adding the year that the album was released: foywlae&fahats1983
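The steps above as a small Python script, added here as an illustration and not part of the original post. The names `derive_password` and `policy_check` are hypothetical, splitting clauses on punctuation is an assumption, and the rules checked are the ones listed at the start of the article.

```python
import re
import string

# Constructed sample input: the sentence from the example above.
SENTENCE = "Fly on your way like an eagle, fly as high as the sun."

def letters(clause, pick="first"):
    """First (or last) letter of each word in one clause, lowercased."""
    words = [w.strip("'") for w in re.findall(r"[A-Za-z0-9']+", clause)]
    return "".join((w[0] if pick == "first" else w[-1]).lower() for w in words if w)

def derive_password(sentence, pick="first", joiner="", suffix=""):
    """Apply the sentence trick: one letter per word, an optional symbol
    between clauses, and an optional number at the end.
    Assumption: clauses are split on , ; and . characters."""
    if pick not in ("first", "last"):
        raise ValueError("pick must be 'first' or 'last'")
    clauses = [c for c in re.split(r"[,;.]", sentence) if c.strip()]
    return joiner.join(letters(c, pick) for c in clauses) + suffix

def policy_check(password, min_len=8):
    """Which of the usual composition rules (length, upper and lower case,
    digits, symbols) does the password satisfy?"""
    return {
        "length": len(password) >= min_len,
        "lower": any(c.islower() for c in password),
        "upper": any(c.isupper() for c in password),
        "digit": any(c.isdigit() for c in password),
        "symbol": any(c in string.punctuation for c in password),
    }

if __name__ == "__main__":
    for pw in (
        derive_password(SENTENCE),
        derive_password(SENTENCE, joiner="&"),
        derive_password(SENTENCE, joiner="&", suffix="1983"),
        derive_password(SENTENCE, pick="last", joiner="&", suffix="1983"),
    ):
        missing = [rule for rule, ok in policy_check(pw).items() if not ok]
        print(f"{pw:22} missing: {', '.join(missing) or 'nothing'}")
```

Running it shows which composition rules each variant still misses, for example that none of the variants built from this sentence contains an uppercase letter.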

Another example:

Oh Well, wherever, wherever you are, Iron Maiden's gonna get you, no matter how far.

The resulting password is: owwwyaimiggynmhf

That's a very good password by itself, but we can spice it up.

Put Iron Maiden in uppercase: owwwyaIMiggynmhf

Add some numbers and symbols. I'm adding the year that the album was released and replacing the first O with an asterisk.

The resulting password is: 1980*wwwyaIMiggynmhf

Summary

As you can see, generating secure passwords that are easy to remember is not as hard as it may seem if you are creative.

Anyway, what I would recommend is to use a password manager if you can. Let it generate the passwords for you.

But even a password manager needs a password to open it, and there are other situations, like starting a session on your computer, that require you to enter a password.

With the help of your favorite movie or song and a bit of creativity you can create good passwords that are hard to crack and yet memorable.

Discussion (9)

Franco Traversaro

I wrote, some time ago, a small article here on dev.to with another mind trick to generate and memorize different passwords for every website, using only one "cerebral memory slot": fantastic passwords and how to generate them.

Pawan Pawar

Good content!

Warren Parad

How does this help you remember which password goes to which application?

Jorge Alvarez Author

It doesn't.

Like I said in the summary, using a password manager is the best option, but for those cases where you can't avoid entering a password (like when starting your computer) this method can help you generate a strong password that you'll remember.

Warren Parad

Wouldn't it be better to use a federated login so that you don't have to remember passwords at all? There are so many of these that exist, why not use one?

OHCubsFan

Doesn't that open you up to losing access to multiple websites if, for some reason, you lose access to the "main" site? For example, if for some reason you lost access to your Google account, you would lose all access to any account where you used that as the login.

Warren Parad • Edited
  • Would you prefer that every room in your house is always locked with a different key?
  • Do you store those keys in separate pockets?
  • What do you do with your spare keys?
  • What happens when you lose your keyring, don't you just ask your building manager to get you a new one?

Comparing the state of tech to the physical world should plainly show how ridiculous it is to use a different user name and password on every site, doesn't it?

Jorge Alvarez Author

If you can, yes, use it. But there are many companies where that's not possible.

Jamie

picking songs from Iron Maiden and Peace of Mind for the win!