In this day and age, strong passwords are an integral part of security and it’s a sad fact that many people are still using weak passwords, as well as using the exact same password for multiple accounts. Creating strong passwords is not at all difficult; it’s the remembering them part that causes most grief. I urge everyone to use a password manager which will not only remember strong passwords for you but, in most cases, also help you create strong passwords. I am using the free edition of Bitwarden and highly recommend it.
However, some people are not fond of password managers or struggle to come to terms with them. Every expert seems to have a personal recommendation for how to create strong yet easy-to-remember passwords. I am by no means an expert but I do believe my system is perfect for most people.
Create Strong Yet Easily Remembered Passwords
At the heart of my system is your motor vehicle registration number. Most people own a car and, even if you can’t remember your registration number, the car is usually somewhere close by. The number is unique to you and not known by very many people. In fact, I guarantee if you were to ask, even your closest friends or family will not know your motor vehicle registration number. Of course, personalized plates are an entirely different matter altogether.
Here in Australia, in most states, registration numbers consist of just three letters, a hyphen, and three numbers. The more numbers and letters the better but three of each plus a special character is enough to create very strong passwords. Say my registration number is 238-KXW. I then add the first letter of the site name for which I am creating an account at the beginning of the registration number and the last letter of the site name at the end of the registration number. For example, if I were creating an Amazon account, my password would then be a238-KXWn. Even with that short registration number, that’s nine characters including both upper case and lower case letters, numbers, and a special character. Let’s now submit that password to My1 Login’s password tester and see how it rates:
Let’s try another, this time for Daves Computer Tips. It’s up to you how you split the initials for sites with more than one word in the title but, in this case, I’m going to split with one initial at the beginning and two initials at the end. So the password would be d238-KXWct.
Note how the addition of just one extra lower case letter massively increases the strength of the password. Let’s try that again this time with a longer registration number. Say the registration number is 223-PWM-92 and we’ll use an eBay account as the example. Your password would then be e223-PWM-92y:
This way, you can use essentially the same password for multiple accounts and easily remember the password for each individual site.
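The derivation rule walked through above, as an added Python illustration (not the author's code; the function names `derive`, `char_classes` and `shared_core` are assumptions). It reproduces the example passwords and measures how much of each one is reused unchanged across every site.

```python
# Added illustration of the scheme described in the article.
# Function names are assumptions; the plates and site names are the article's examples.
import string


def derive(plate: str, site: str) -> str:
    """Wrap the plate with initials taken from the site name.

    One-word site: first letter in front, last letter behind.
    Multi-word site: first word's initial in front, the remaining
    words' initials behind (the split the article chose).
    """
    words = site.lower().split()
    if not words:
        raise ValueError("site name is empty")
    if len(words) == 1:
        prefix, suffix = words[0][0], words[0][-1]
    else:
        prefix, suffix = words[0][0], "".join(w[0] for w in words[1:])
    return f"{prefix}{plate}{suffix}"


def char_classes(password: str) -> set:
    """Character classes present: lower, upper, digit, special."""
    classes = set()
    for ch in password:
        if ch in string.ascii_lowercase:
            classes.add("lower")
        elif ch in string.ascii_uppercase:
            classes.add("upper")
        elif ch in string.digits:
            classes.add("digit")
        else:
            classes.add("special")
    return classes


def shared_core(passwords: list) -> str:
    """Longest substring that appears in every password of the set."""
    first = passwords[0]
    for length in range(len(first), 0, -1):
        for start in range(len(first) - length + 1):
            candidate = first[start:start + length]
            if all(candidate in p for p in passwords):
                return candidate
    return ""


if __name__ == "__main__":
    pws = [derive("238-KXW", s) for s in ("Amazon", "Daves Computer Tips", "eBay")]
    core = shared_core(pws)
    for p in pws:
        print(p, sorted(char_classes(p)), "site-specific chars:", len(p) - len(core))
```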
IMPORTANT NOTE: I would not recommend this method for creating passwords for sensitive accounts such as financial institutions, PayPal, etc. In these cases, I would recommend creating a very strong and totally unique password, writing it down somewhere, and then keeping that written record in a safe place away from prying eyes. That said, the method as described above is perfect for everyday, non-sensitive accounts.
Overall though, I do recommend using some sort of password manager. Check out my earlier article: Best Free Password Manager. Since writing that article, I have started using Bitwarden Password Manager and can highly recommend it.
FURTHER READING:
How To Make An Unforgettable Password (Dick explains his method)
How To Password Protect Word Document
How To – Can’t Remember WiFi Password
Best Free Password Manager
—
Hi Jim,
I hope that many people will latch on to your password suggestion, which I have been using for many years with the exception of the site’s initials being before and after the middle hyphen.
It is also a great suggestion to have the password’s strength checked; I generally use the ‘Password Haystack’ checker on Steve Gibson’s site, GRC Research Labs.
Thanks,
Jonno
Hey Jonno,
Doesn’t really matter where the initials go, as long as they’re in the same position each time. Before and after the hyphen is as good as anywhere.
Cheers mate
No matter how creative, no password creation scheme would be complete w/o a reference to the substantially revised guidelines of NIST (Special Publication) #800-63. Enzoic.com provides/summarizes some of the more surprising SP recommended password practices.