Creating strong passwords you can remember

Updated 15/04/2020

In a world where we have an account for almost everything we do online, whether that is shopping, social media, reading our emails or using web apps, there is always one thing they share in common: one way or another, we need to set a password for our account. At SwiftCase, we pride ourselves on providing a number of security features, such as two-factor authentication and data encryption, to keep your user accounts safe. But our first suggestion for creating a more secure working environment starts at the very beginning: choose a strong password.

The standard password checks

The tried and tested formula for producing a good password always takes into account the following:
  • Use a long character length: There is no consensus on what the best length for a password is, but the longer the better. Try to use an absolute minimum of 8 characters but ideally over 12 characters.
  • Combine a variety of upper-case, lower-case, numbers and special characters: Using a combination of different characters makes it much more difficult to guess or brute-force your password.
  • Avoid using common words and personal information: Steer clear of easily guessed information, such as your address, birthday, or simply words found in the dictionary.
  • Use strong character substitutions: A password is not necessarily strong just because an obvious letter has been replaced by a number that matches. ‘Sw!ftc4s3’ is not a very strong password, for example, despite reaching the minimum requirements for many strong password checks.
  • Don’t use the same password on every system: After a number of high-profile leaks over the past few years, including the likes of Adobe, eBay and Yahoo, using different passwords for your online accounts is more important than ever.

In SwiftCase, your system can be configured to use minimum password requirements for your users, allowing you to enforce these security measures if required.

Generating strong, cryptic passwords that are easier to remember

One of the best methods of creating a stronger password that is easier to remember is to come up with a fairly long, personal sentence that can be used to produce an obscure, but oddly memorable password.

igM1j@16yO,s90Mc&mTC£4.5

This is a strong password, at a huge 24 characters, but is very difficult to remember. Until you break it down like so: “I got my first job at 16 years old, spent 90 minutes commuting and my ticket cost £4.50”. By taking a phrase that is personal to you and easy to remember, it makes memorising a long and difficult password a much more manageable task.

Using a random combination of words

Many dispute that a randomly generated long and complicated password is the optimal choice, because of the sheer likelihood of forgetting it, or of writing it down or saving it instead (which in many ways defeats the purpose of a long, secure password). They suggest you would be better off using a combination of randomised words instead. The idea behind this method is that you choose a combination of completely random words and put them together to create a password that is much more memorable than a randomly generated one, but just as secure.

XKCD covered this many years ago and the comic is still relevant today; it suggests that this method is actually more secure than the traditional method of creating a generated password. Due to the advancement in modern password-cracking technology, it is now suggested you choose seven random words as opposed to the four originally suggested. This method only really works if the words are random, not a sentence you would be expected to use.

For example, the sentence:

“We live in a nice quiet neighbourhood”

doesn’t work quite as well as a randomised set of words:

“butter obscure frame capacity realm education eagle”

This method makes it significantly easier to remember a long but secure password due to the use of real words.
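The sketch below is an added example, not SwiftCase code. It picks words with the operating system's secure random source and shows how the strength of a random-word passphrase depends on the list size and word count, which is why four and seven words differ so much. The word list is a constructed sample and the 7776-word list size is an assumption (a common size for dice-style word lists).

```python
import math
import secrets

# Constructed sample list for demonstration only; real lists are far larger
# (7776 words is assumed below as a typical dice-style list size).
SAMPLE_WORDS = """butter obscure frame capacity realm education eagle anchor
basket candle dragon ember forest garden harbor island jungle kettle ladder
marble needle orange pepper quartz ribbon saddle timber velvet walnut yellow
zipper copper""".split()


def entropy_bits(choices: int, picks: int) -> float:
    """Bits of entropy when `picks` items are each drawn uniformly and
    independently from `choices` options. Valid only for random selection;
    a sentence the user composes does not meet that condition."""
    if choices < 2 or picks < 1:
        raise ValueError("need at least 2 choices and 1 pick")
    return picks * math.log2(choices)


def words_needed(target_bits: float, list_size: int) -> int:
    """Smallest number of random words that reaches target_bits."""
    return math.ceil(target_bits / math.log2(list_size))


def generate_passphrase(wordlist, count=7, sep=" "):
    """Return (passphrase, entropy_bits) using the OS CSPRNG via `secrets`."""
    # De-duplicate so the entropy figure reflects the real number of choices.
    words = sorted({w.strip().lower() for w in wordlist if w.strip()})
    bits = entropy_bits(len(words), count)  # also rejects a too-small list
    chosen = [secrets.choice(words) for _ in range(count)]
    return sep.join(chosen), bits


if __name__ == "__main__":
    phrase, bits = generate_passphrase(SAMPLE_WORDS)
    print(f"{phrase!r}: {bits:.1f} bits from a {len(SAMPLE_WORDS)}-word sample list")
    for n in (4, 7):
        print(f"{n} words from 7776: {entropy_bits(7776, n):.1f} bits")
    print(f"12 random printable ASCII characters: {entropy_bits(94, 12):.1f} bits")
```

With the 32-word sample list, seven words give only 35 bits, so the list size matters as much as the word count.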

Further action

Whatever method you decide to use to create a strong password, password strength is important as it is your first line of security against data breaches. Other things to consider when you’re using an online account: don’t save your username or password if you are using a public device, and log out of your account if multiple people are using your machine. SwiftCase provides a number of optional security features to ensure your information is safe, including IP-based locking and automatic password renewal to prompt your users to change their password after a particular period of time. If you’re an existing customer or a new customer who would like to query these features, get in touch today.