Proton
Inscreva-se por RSS

How to create strong passwords you’ll actually remember

Douglas Crawford

Compartilhar esta página

If there’s one thing protecting your personal, financial, and professional information from hackers, it’s your password. Reusing weak passwords is the main culprit in countless data breaches, even though it’s an extremely simple problem to fix.

In this article, we discuss why you need to use a different strong password for each account, and also how to create and remember them. The biggest obstacle is the human brain: It’s not designed to remember truly strong passwords, let alone unique ones for each of the many services you use.

Fortunately, this is exactly the kind of thing computers are very good at. The best way to create and remember strong passwords is to let a good password manager do it for you.

Why you should use strong passwords

The need for strong passwords should be obvious to everyone, but the almost daily reports of catastrophic data breaches(nova janela) suggests not everyone is taking action to improve their account security.

Strong passwords help to secure your personal information, such as your name, address, phone number, and more, which could otherwise be used for identity theft or fraud. For online banking, shopping, or any financial transactions, they are critical in preventing unauthorized access to your financial details like credit card numbers, bank account information, and transaction history.

In a professional setting, strong passwords help protect sensitive company information, including client data, proprietary research, and internal communications from being compromised.

Hackers often use brute force attacks, where software is used to generate a large number of guesses to crack passwords. Strong, complex passwords are much harder for these programs to guess before security measures lock the account. They also help prevent dictionary attacks that run through a database of common words and phrases to guess passwords.

Many people reuse passwords across multiple accounts. Using a strong, unique password for each account ensures that if one account is compromised, your other accounts remain secure.

How to create and remember strong passwords

Before we talk about password managers, here are some principles to understand the security recommendations for passwords.

What makes a strong password?

Strong passwords have high entropy. This is a way to measure how unpredictable your password is. Here are some key factors in password entropy:

  1. Length: Aim for at least 12 to 15 characters. Longer passwords are generally stronger.
  2. Complexity: Use a mix of letters (both uppercase and lowercase), numbers, and symbols.
  3. Avoid predictability: Don’t use easily guessed passwords like “123456”, “password”, or “qwerty”. 
  4. Avoid personal information like birthdays, names of your pets or loved ones, or anniversaries.
  5. Uniqueness: Each of your accounts should have its own distinct password. If you reuse a password across multiple services, then a data breach on one service can result in hackers gaining access to all the other services secured with the same password. 

Use a mnemonic device

Unfortunately, while passwords such as h9!fdjhGH68%J@ are secure, they’re not easy (for humans) to remember. One way to address this is to think of a phrase or sentence that’s easy for you to remember. For example, “My first car was a Toyota in 2009!”.

You can then turn your phrase into a password by using the first letter of each word, mixing in numbers and symbols. From the example above, the password could be “MfcwaTi2009!”.

The final step in creating a successful mnemonic device is to associate your password with a mental image to help remember it. For instance, picturing your first car and the year you got it can trigger the memory of your password.

Use a random passphrase

Another option is to use a string of random but memorable words. For example, “Blue Tiger Pizza Rainbow” (keeping the spaces between words, as these add complexity). A great low-tech tool for manually helping to create this kind of random passphrase is Diceware(nova janela), or you can let Proton’s password generator do the work for you. All Proton Pass apps can also generate strong random passphrases.

XKCD comic

As the above XKCD comic(nova janela) explains, Diceware-style random passphrases are both secure and easy to remember.

Employ memory techniques

Once you’ve created a suitably complex password or passphrase, you can use memory aids to remember it. These include:

  • Repetition: Type your new password several times when you first create it to help embed it in your memory.
  • Visualization: Imagine the elements of your password in a story or picture. For “Blue Tiger Pizza Rainbow”, you might visualize a blue tiger eating pizza under a rainbow.
  • Regular use: Regularly log in to the site using the password instead of relying on autofill. This helps reinforce memory through frequent use.

The real solution: use a good password manager

You should now be able to create a strong password that you can remember. However, you need a different strong password for each and every service you use. In practice, this is all but impossible for humans to do without resorting to using tools.

Password managers such as Proton Pass are apps that can generate and remember unlimited secure passwords (or passphrases) for you. Most are cross-platform and can automatically sync your passwords across all your devices, so you can access them easily no matter where you are or which device you’re using. 

The Proton Pass app can generate secure passwords and passphrases

With a password manager, you only need to create and remember a single master password that you use to access all your other passwords. And because you need only remember a single password, you should be able to use the techniques outlined above to create a very strong one. 

Try Proton Pass

Proton Pass is a free and open source password manager from the team behind Proton Mail, the largest and most trusted secure email service in the world. With Proton Pass, your passwords are end-to-end encrypted at all times, so even we can’t access them.

Our apps for web, Android, iPhone, and iPad have a unique combination of features:

  • Autofill for easy sign-in to websites and mobile apps.
  • Support for not just your usernames and passwords, but also for end-to-end encrypted notes and credit card information.
  • Integrated two-factor authentication. Our apps can generate and autofill 2FA codes, making it easy to further secure your online accounts.
  • Hide my email aliases that allow you to protect your identity when signing up for online services and to easily disable annoying emails from them.
  • Secure password sharing. Which allows you to categorize and safely share your login information, payment details, and notes with your family, friends, and co-workers.
Learn more about Proton Pass

Final thoughts

Strong passwords are a fundamental aspect of cybersecurity. They act as the first line of defense against unauthorized access, protecting sensitive personal, financial, and professional data. 

As cyber threats grow more sophisticated, the importance of using strong, unique passwords across different accounts cannot be overstated. 

However, the only way to use strong passwords across your multiple web services is to use a safe password manager (such as Proton Pass). This allows you to secure your digital life while only needing to create and remember a single strong password or passphrase. Your password manager will take care of the rest. 

Proteja sua privacidade com a Proton
Crie uma conta gratuita

Artigos relacionados

The cover image for a Proton blog, showing a phone screen with a lock logo and three password fields surrounding the phone
en
Here's what to look for when choosing an enterprise password manager to streamline collaboration and protect your organization's sensitive data.
en
  • Guias de privacidade
Can you unsend an email?
Learn how to unsend an email, how it’s useful for personal or business emails, and how Proton Mail can help.
Proton Mail and Proton Calendar winter product roadmap
en
  • Atualizações de produtos
  • Proton Calendar
  • Proton Mail
Proton Mail and Proton Calendar winter product roadmap
Preview upcoming updates to Proton Mail and Proton Calendar, including performance boosts, new features, and enhanced privacy tools.
Gantt chart displaying Proton Drive plans and development of new features
en
  • Atualizações de produtos
  • Proton Drive
Proton Drive roadmap: Product updates coming this winter and spring
Discover the tools, features, and improvements coming to Proton Drive’s secure cloud storage and document editor this winter and spring.
laptop showing Bitcoin price climbing
en
  • Guias de privacidade
How to make a Bitcoin wallet
Learn what a Bitcoin wallet does and the strengths and weaknesses of custodial, self-custodial, hardware, and paper wallets.
pixel tracking: here's how to tell which emails track your activity
en
Discover what pixel tracking is and how it works, how to spot emails that track you, and how to block these hidden trackers.