How to create a ‘super password’

Most of my passwords are around 8 characters in length. According to a recent report published by the Georgia Institute of Technology, these "wimpy eight-letter passwords" can be cracked in less than two hours. On the other hand, using the same password-cracking technology, a 12-character password takes 17,134 years to crack. Not having thoroughly researched the subject, I don't know what is possible, but I've seen TV shows break passwords in no time at all.

In his article at cnn.com, John D. Sutter wrote that "passwords have gotten longer over time, and security experts are already recommending that people use full sentences as passwords." So for example, instead of my normal passwords, I could use:

"Asa Clark Brown is my favorite ancestor."

Most websites, however, do not yet allow passwords of this length, so we must be creative in how we come up with a secure password. A couple of months ago I asked our readers "how do you remember all of your passwords?" You came up with lots of great suggestions. Some of the software you suggested will come up with passwords for you. They will even store your passwords in a "secure" place so you can have access to them from any Internet-connected computer.
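The two figures quoted from the Georgia Tech report, and the effect of the length limits just mentioned, can be checked with a keyspace calculation. This is an added example, not code from the original post or the report; the 95-character alphabet, the rate of 10^12 guesses per second and the 16-character site cap are assumptions, the first two chosen because together they reproduce both quoted figures.

```python
import string

# Printable ASCII: 10 digits + 52 letters + 32 punctuation marks + space = 95.
ALPHABET_SIZE = len(string.digits + string.ascii_letters + string.punctuation + " ")

# Assumption: the page gives no guess rate. 10**12 guesses per second over the
# 95-character alphabet is the rate that reproduces both figures it quotes.
GUESSES_PER_SECOND = 10**12

SECONDS_PER_YEAR = 365 * 24 * 3600  # 365-day year


def keyspace(length, alphabet_size=ALPHABET_SIZE):
    """Number of distinct passwords of exactly `length` characters."""
    return alphabet_size ** length


def exhaustive_seconds(length, rate=GUESSES_PER_SECOND):
    """Worst-case time to try every password of the given length."""
    return keyspace(length) / rate


def exhaustive_years(length, rate=GUESSES_PER_SECOND):
    """Same worst-case time, expressed in 365-day years."""
    return exhaustive_seconds(length, rate) / SECONDS_PER_YEAR


def effective_length(password, site_max=None):
    """Characters that still count when a site caps password length."""
    return len(password) if site_max is None else min(len(password), site_max)


# The sentence quoted in the post; the 16-character cap is a constructed example.
SENTENCE = "Asa Clark Brown is my favorite ancestor."

if __name__ == "__main__":
    print(f"8 chars : {exhaustive_seconds(8) / 3600:.2f} hours")
    print(f"12 chars: {int(exhaustive_years(12)):,} years")
    capped = effective_length(SENTENCE, site_max=16)
    print(f"sentence: {len(SENTENCE)} chars, {capped} after a 16-char cap, "
          f"at most {exhaustive_years(capped):.2e} years")
```

The times are worst-case figures for characters chosen uniformly at random; a natural-language sentence is easier to guess than its length alone suggests.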

I still do not have the perfect answers, but Sutter's article is a good read. Click here to learn how to create a 'super password'.

Until now, I've never thought of using a sentence as a password. Have you? I'd enjoy hearing your comments below.

Comments (6)

  • Sue Black

    Most of my ancestors are Irish so I use Gaelic words for my passwords on every site I use. I use the upper / lower and number method with these words. So say the word prayer is Paidreoir, I change it to PaId9Re4oiR2. The numbers mean something to me so they are easy to remember. There are shorter words so you can make it for the 8 letter passwords too. So for brown becomes donn becomes D6o7N6n3. Everything I read about the ease of password cracking uses English words, so I went back to my heritage to make my passwords.

  • Larry Berman

    May I recommend RoboForm to all. It requires just one password to use the program but it will in turn keep track of thousands of passwords and their associated websites. It will even generate highly encrypted passwords for you for any site and you don’t have to remember anything but the master password you used to access the program originally. All data is backed up to the RoboForm servers so you can never lose anything. This is not free but you receive free updates for life. Besides passwords, it keeps safe notes and identities protected by your one master password. I have used this program for at least 8 years and never regretted the safety and flexibility it has given me.
    http://www.roboform.com/

  • Dallas Hinton

    Your comment about “Asa Clark Brown is my favorite ancestor.” being too long isn’t actually a problem. Most sites will simply stop entering or will discard anything that’s too long, so you can just enter the entire string and the site will use just the first part (up to their character limit).
    Cheers, Dallas

  • Peter Hill

    Passwords should be easy to remember, but hard to crack.
    Possibly the easiest way to solve this conflict is to combine 2 items you know well, but are not obvious. An example, the phone number for tech support at [Millenia] is [14257880932]. Splice these two together and you get 1M4i2l5l7e8n8i0a9 3 2. Put a symbol in to fill the blanks. Complexity or difficulty to crack can be improved by using odd placed capitals or replacing a character with a symbol, e.g. $. You don’t have to use the whole password you create, but keep it long enough to make it hard to crack.
    One place I worked required you to use a new password every month. I used a variation of my name and the dayoftheyear/year written in hexadecimal. Feb 1 10 is 31 +1 =20Hex and 10 = aHex therefore Feb 1 2010 became 20a. It was simple, easy to calculate, and I didn’t tell anyone how I adjusted my password. And that is the other secret to a secure password, don’t tell anyone, ever.

  • JL Beeken

    I use KeePass to store my passwords and I only have to remember one master password to the vault. It’s a 14 character phrase consisting of uppercase, lowercase and numbers. Easy to remember and not written down anywhere. KeePass creates all the other ones, mostly 14 mixed characters and I couldn’t memorize even one of them if I tried and there’s 322 stored in there.

  • Zeb Acuff

    I like a variant of the sentence-password: take a phrase or sentence and use the initial letters, substituting capitals, numerals, or symbols as appropriate. It can take some getting used to, but my fingers have “memorized” it pretty well by now.
    Example: “Asa Clark Brown is my favorite ancestor” would become ACBimfa. (one would need to add an extra character to get to a common 8-character minimum, but you get the idea)
    Also: “I’m searching for myself; have you seen me?” could become Is4m-hUsm.
    Possibilities abound…
