How to Create a Secure Password

Five steps to make a strong password you can remember

Strong, secure password field on computer screen
Laurence Dutton / Getty Images

While there's no such thing as a perfect password, a strong password can discourage hackers and send them on their way to find an easier victim. Secure passwords should never be a proper noun or a word in the dictionary. They must be complex enough to resist repetition attacks, but be intuitive enough so you can remember them.

The best way to create a secure password is to start with a simple base phrase and turn it into something much more complex. Here are five steps for creating a strong, useful password.

Store your strong password in a password manager. Password managers let you collect and store all of your passwords and login information for various accounts in one easy-to-access app

Start With a Base Word Phrase

Unpredictability is important for password strength. Nouns and names, such as "Seinfeld," "Bailey," or "cowboy," are easily predicted by hacker dictionary programs. Pet names and family names are unwise, as well, because hackers can easily guess them.

When creating your password, start with a base passphrase or sentence, and then turn it into an acronym. As long as the resulting acronym does not resemble a regular word, it will help resist hacker brute-force attacks.

To do this, choose a quotation or saying that is meaningful to you, and then turn it into an acronym. For example, use a favorite song lyric, a cliche from your childhood, or a quote from a favorite movie. The result is your base word.

Examples of Base Word Phrases and Their Acronyms

  • You know nothing, Jon Snow: yknjs
  • Never give up, never surrender: nguns
  • Can't see the forest for the trees: cstfftt
  • Put up or shut up: puosu
  • If the shoe fits, wear It: itsfwi
  • You can lead a horse to water: yclahtw
  • The last mile is always uphill: tlmiau
  • I think, therefore I am: ittia
  • Oh say can you see: oscys
  • Honey badger doesn't care: hbdc

Lengthen the Phrase

Password length is important because it adds complexity. A strong password is at least eight characters long. When a password reaches 15 characters, it becomes particularly resistant to hackers and their programs.

Now that you've chosen a base word (an acronym from a phrase), the next step is to lengthen it to 15 characters.

While a long password can be annoying to type, it slows down and discourages brute-force hacker attacks.

Lengthen your password by adding a special character and then the website name or a favorite number to the base phrase.

Examples of Lengthened Phrases

  • yknjs:1776
  • nguns-Amazon
  • cstfftt,Gmailme
  • puosu$Mac
  • itsfwi@Epinions
  • yclahtw#Win10
  • tlmiau.8675309
  • ittia#LWdotcom
  • oscys+PayPal
  • hbdc*Ebaymarket

Add Character Scrambling

Password strength increases significantly when you change some of the password letters into non-alphabetic characters, and then include uppercase and lowercase letters within the password.

This character scrambling uses the Shift key, numbers, punctuation marks, the @ or % symbols, and even semicolons and periods creatively. Using these unusual characters and numbers makes your password even less predictable to hackers using dictionary database attacks.

Examples of Character Scrambling

  • yknjs:!776
  • nguns-Amaz0n
  • Cstfftt,Gm@i!me
  • Puo5u.Mac
  • 1tsfwi$Epinions
  • Ycl@htw#Win10
  • 7lmiau.8675309
  • ittia#LWdotcom
  • o5cys+PayPal
  • hbd(*Ebaymark3t

Change Your Password Regularly

At work, the IT department may require you to change your password regularly. At home, change or rotate your passwords as a matter of good computer hygiene. If you use different passwords for different websites, which you should, rotate portions of your passwords every few weeks.

Rotating parts of the password instead of the entire password deters hackers from stealing your phrases. If you can memorize three or more strong passwords at the same time, then you are in good shape to resist brute-force hacker attacks.

Examples of Rotating Portions of Passwords

  • yknjs(Amaz0n
  • hbd:1776
  • nguns-Gm@ilm3
  • Cstfftt,Mac
  • Puo5u.Epinions
  • 1tsfwi@Win10
  • Ycl@htw#8675309
  • 7lmiau.LWdotcom
  • ittia#PayPal
  • o5cys*Ebaymark3t

Advanced Password Tips

Now that you've created your strong passwords, it's important to remember them. There are tools that can help. KeyWallet Password Manager, KeePass, and Roboform are drag-and-drop software tools that help you bypass hacker keylogger software. They work well because you can avoid typing your passwords entirely and let your mouse do the data entry.

Another idea is to employ a digital vault such as Password Safe. This kind of software creates personal lockers to keep all your passwords locked under one master password.