To make an excellent password, it should be long enough, not obvious, and easy to remember.
1. Make the password at least 12 characters long so it will take forever to crack on today’s faster computers. Of course, length alone is not enough. If 12 characters became super popular, “123456789012” would likely become the #1 password, used by millions, and it would be the very first password that would be tried.
Length + all character types + not obvious is what you need.
2. Use at least one each from the four types of character on an English keyboard (same idea for other languages), and avoid the obviously obvious patterns, like “Aa#111111111”.
- a b c d… (lowercase)
- A B C D… (uppercase)
- 1 2 3 4… (numbers)
- ! @ # $… (symbols)
- easy to remember: “Cat #3 yes or no”
- 12 characters long
- at least one each of lowercase, uppercase, number and symbol
- not obvious
Or nonsense words that you can remember like real words (consonant-vowel-consonant) work just as well:
You can also use the idea of padding: start with a shorter real or nonsense word or phrase, filled out to 12 or more total characters.
Examples: 2Bits….!….! or <>…2Bitz…<> (both of these are 15 characters long!)
Just don’t make the padding obvious, like “aSp4……..”, if everyone used lots of “.”, the guesses would start with shorter combinations padded out with dots, which would speed things up.
Remember, brute force guesses are either right, or wrong and try again, it’s not like Scrabble, where the password is being pieced together. If the whole password, or a big part of it, is not EXACTLY the same as millions of others, it’s not going to be in a dictionary, and every possible combination of all those characters will have to be tried, one by one, forever.
12 characters minimum + all four types + not obvious patterns is all you need. Once you understand how it works, just use common sense and your password will be easy to remember and super secure.