How do I create easy but strong passwords?

It’s common for a site, email accounts, and servers to be attacked by internet bots trying to guess usernames and passwords. In the unfortunate case that you get hacked (or just to prevent being hacked), we ask you to review your passwords and change them if they are insecure. But how can you make your password more secure without recurring to long and complex, easily-forgattable passwords?

Instead of using weird words (jabberwocky), random strings of characters (5Uxr"SDi1~Ywcj), or just plain simple words or numbers (like dates or and ID) we reccommend that you use small phrases with spaces

  • orange would take 3 minutes to be guessed
  • woosaa would take 1 hour 22 minutes to be guessed
  • j4fS<2 would take 219 years to be guessed
  • this is fun would take 2537 years to be guessed

Based on 100 attempts per minute.

If you want an extremely secure password, use rare words with spaces. A password like play on azeroth would take several million years to be guessed.

Need any more information? Check out [this] really informative blog post.

Additional suggestions

  1. If you feel comfortable with them, use a password manager, like [1Password]
  2. Always check for viruses, spyware, malware and keyloggers in your computer: not even the greatest passwords of them all can resist an attack by someone who already knows your password
  3. Don’t use the same password in different services: if, for example, your Hotmail account gets hacked and you have the same login information for your server, you’re bound to be hacked