How to Create a Secure Password

This post may contain affiliate links, meaning at no additional cost to you I may earn a small commission when you click a product or company link. As an Amazon Associate I earn from qualifying purchases.

Creating secure passwords is annoying, right?

Like, how am I supposed to create a secure password with the right number of letters, numbers, symbols, and length…

And then actually remember it, and the other one-hundred-thousand-million passwords I have, and every other little aspect of life that I’m supposed to remember as a mom?  I mean, I can barely remember if I took a shower yesterday. Pleeeeeease don’t ask me to remember a random combination of characters for checking my bank balance.

It’s enough to make anyone throw up their hands in despair and just use the same password for everything. Have I been there? Yes, yes, I have.

But wait!

We know that reusing passwords is a bad idea, right? So what’s a mom to do when she just wants to protect her family’s important accounts without going crazy in the process?

Fortunately, there’s a better way. Here are some simple do’s and don’ts for creating secure passwords… And remembering them WITHOUT having to reuse them.

First off, what is NOT creating a secure password?

  • Using the same password on multiple sites. If hackers get into one site with a shared password, you can pretty much guarantee they’ll get into all of them.
  • Using a simple dictionary word. “coffee” might be an amazingly awesome dictionary word, but it’s NOT an awesome password, no matter how easy it is to remember.

Why? Well, hackers know how to use dictionaries too. As part of my computer security training, I had to learn how to hack into (fake) accounts so that I could better understand how to defend against hackers.

At least one lab assignment involved cracking passwords using actual tools that hackers use–these tools come equipped with complete dictionaries of possible passwords… both common and not-so-common words.

(If you don’t want to know more about the details of how an account compromise works, you can skip this part. But a hacker doesn’t even have to be online to guess your password. When you hear about a company like Facebook experiencing a security breach, what that often means is the hackers got access to what’s called a password hash file. So the hackers will then use the same algorithm to hash possible passwords and compare them to the hashes in the file to see if they got the right password. But I digress.)

  • Using a simple dictionary word with just a couple “unusual” variations. For example, “Coff33,” where you’re capitalizing our favorite word and swapping the “e’s” out for “3’s” may look clever and tricky, but guess what? You remember those tools hackers use to guess your password? Those tools can make simple substitutions pretty easily too.

You’ve probably seen or tried ideas like these:

  • Switching up capitalization
  • Swapping letters for numbers or symbols (“1” for “i” or “@” for “a,” for example)
  • Adding a number to the beginning or end of a word (“password1” or “coffee1992”)

These ideas aren’t bad in and of themselves, but if they’re the only solution you’re depending on to create a secure password, they’re not enough.

Better secure password creation options

The fundamental problem is this: modern computers are fast, and a hacker can reasonably try every possible combination of characters for shorter passwords. That’s why it doesn’t matter how complex your password is if it’s too short. So the basic rule for creating secure passwords is, the longer and the more random, the better. Here are some ideas for adding some length and complexity.

  • Use a passphrase instead of a password. For example, maybe you decide to use “Humpty Dumpty sat on a wall.” Then add in some of those number/letter/symbol substitutions we mentioned above to add a little more randomness.
  • Make your passphrase unusual. “Humpty Dumpty sat on a wall” is a pretty common phrase. So if a hacker had a phrase dictionary in addition to his word dictionary, there’s a good chance it would be there. But what if you mixed it up and decided that “Humpty Dumpty l0ve5 his c0ff33!”?
  • Use a quote you love. Something I’ve seen people use a lot in Christian circles is a Bible verse. For example, you might take Psalm 23:1, “The Lord is my shepherd, I shall not want.” You could use that phrase as is, or, what I’ve seen some people do is take the the first letter of each word in the quote.So the Psalm 23 verse might become, “P23:1TLims,Isnw.” You could mix that up even more with a few substitutions and turn it into “P23:1TL!m5,Isnw.1992”

Best option for creating a secure password

The absolute best way to create a secure password is to make it completely random. You can find programs online that will help you generate random strings of text. If you include letters, numbers, and special characters and make it as long as possible, then you’ll have a very secure password.

Now here’s the thing. Once you start talking about long, random passwords, they become impossible to remember. And that is why so many of us end up reusing passwords, right?

So here’s what I suggest. The password solution I’ve been using for several years now is a password manager. There are a few options, but the one I’ve personally used is LastPass.

If you have never used a password manager or are not familiar with the concept, the idea is that it’s a vault for all of your passwords. You create one super-secure password to remember for that one site, and then you can let the password manager do the rest of the work for you. It will even help you generate those totally random, super-long passwords for all your other accounts.

I love how easy it is to use LastPass. The browser plugins work beautifully (just navigate to a site and watch it magically fill in your username and password), and the phone apps make it simple to access your accounts no matter where you are.

Check out my post on how to use LastPass here.

Is it ever OK to write down your passwords?

I’m going to share with you one last tip that my husband once shared with me. (I know he read it somewhere, but I don’t remember the source, so my apologies to the originator.)

Some may disagree on this one, but I’m going to tell you that if you have difficulty remembering your very complex password, write it down.

BUT that’s on one, very important condition. You need to protect the paper that password is written on the same way you would protect a one hundred dollar bill. Because that paper is the key to all of your accounts.

Before you put that paper anywhere, ask yourself, “Would I put a hundred dollar bill here?” If the answer is no, don’t do it. Would you leave it hiding under your computer? Sitting in your desk drawer? Taped to your wall?

I’m going to guess you’d probably leave it in your wallet or in a safe. Do the same with your password, and I think you’ll be fine.

P.S. You definitely want secure passwords… But they’re not really enough. Check out this post for what else you need to keep your accounts secure.

Did you find this content valuable? I always appreciate a share with your followers on social media!

Creating secure passwords that you can keep track of is pretty easy once you know how. Here are tips for creating passwords that will actually protect your accounts... And suggestions that will keep you from that "I forgot my password" button.

Leave a Comment