Picking a great password

December 2, 2012 | 5 comments

I was trying to find a simple, brief guide to picking great passwords, and came up short. Hopefully this simple advice is useful:

  1. Don’t pick a password; pick a pass phrase.
  2. Include letters of both cases, numbers, and punctuation characters. For bonus points, use “special” characters like é and î.
  3. Don’t pick something you’ll have to write down to remember. Never write down a password.
  4. Try not to use the same password for multiple sites.

Some examples of passwords I might use (you’ll have to think of new ones; each line is a single password):

  • “B0w T!es ar€ Coo7.”
  • ‘Th3re 4re W0rlds 0ut there where the Sky 1s burn1ng, 4nd th3 S3a’s 4sleep, 4nd th3 R1vers dr3am.’
  • “!€xtermin8″ “D3le7e!” “Dok-torr”

Letter substitutions like I’ve done above are not secure for single word passwords. Don’t rely on them! And they’re kind of fiddly anyway, so if the punctuation in the phrases above is too much, you could even simplify them:

  • “Bow Ties are Cool!!”
  • ‘There are worlds out there where the sky is burning, and the sea’s asleep, and the rivers dream.’
  • “Exterminate!” ‘Delete!’ “Dok-torr”

And if you really, really must record your passwords somewhere, the only solution I recommend is 1password. But I’d recommend not doing it.