How to Create a Strong Password

In general, people base their passwords on something that they know or like: their favorite idol, the person they love, their date of birth or their identity card number. The reason is simple: it is easy to remember. People prefer an easy-to-remember password because they are afraid of forgetting it. Resetting a forgotten password is a hassle, but that hassle does not compare to the danger of letting someone guess your password.
“Passwords are like underwear: you don’t let people see it, you should change it very often, and you shouldn’t share it with strangers.” – Chris Pirillo

As you can see, nowadays we have many types of online accounts. One person can have many email accounts, social network accounts, forum accounts and so on. Most people use the same password for most of their accounts. Hence, if someone guesses one of your passwords, there is a chance that this guesser will be able to guess their way into more of your online accounts. Personally, I do not mind the hassle of resetting a forgotten password compared to letting people guess what my password is.

I am sure that some of you already have a strong password. Every individual has their own definition of a ‘strong password’; below is how I define one.

  • It should contain at least 10 characters. (Commonly only eight characters, but certain experts say 10-14 characters.)
  • Each strong password should have at least three of the following: Uppercase (QWERTY), lower case (qwerty), numerals (123456) and symbols or special characters (!@#$%^).
  • If you are using uppercase or symbols, never place them as the first character or the last character.
  • Avoid using meaningful names or words in your password. An attacker can run through a dictionary attack in just minutes.
  • Do not include your email address, or even part of it, in your strong password.
  • Do not refer to names such as your favorite idol, pet or your other personal information.
  • For transaction-based accounts such as banking accounts, try to make your password as strong as possible.
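The criteria above can be turned into a checker, together with a generator whose output always passes it. This is an added example, not code from the original post; the function names, the small word list and the 4-character minimum for email and personal fragments are assumptions made for illustration.

```python
import secrets
import string

SYMBOLS = "!@#$%^"  # the special characters the article lists
# Constructed mini word list (assumption); a real check would load a full dictionary.
WORDS = {"password", "qwerty", "linux", "love", "dragon"}

def check_password(pw, email="", personal=()):
    """Return the list of the article's criteria that pw violates."""
    problems = []
    if len(pw) < 10:
        problems.append("shorter than 10 characters")
    classes = [any(c.isupper() for c in pw), any(c.islower() for c in pw),
               any(c.isdigit() for c in pw), any(not c.isalnum() for c in pw)]
    if sum(classes) < 3:
        problems.append("fewer than three character classes")
    # Uppercase letters and symbols must not sit at either end.
    if pw and any(c.isupper() or not c.isalnum() for c in (pw[0], pw[-1])):
        problems.append("uppercase or symbol at first or last position")
    lowered = pw.lower()
    if any(word in lowered for word in WORDS):
        problems.append("contains a dictionary word")
    # Split the address into its parts ("alice", "example", ...); fragments
    # under 4 characters are ignored (assumption) to avoid flagging "com".
    fragments = email.lower().replace("@", ".").split(".") + [p.lower() for p in personal]
    if any(len(f) >= 4 and f in lowered for f in fragments):
        problems.append("contains part of the email address or personal information")
    return problems

def generate_password(length=14):
    """Return a random password that satisfies every criterion checked above."""
    if length < 10:
        raise ValueError("the article's minimum length is 10")
    edges = string.ascii_lowercase + string.digits  # allowed first/last characters
    middle = string.ascii_letters + string.digits + SYMBOLS
    while True:  # retry until the random draw passes the checker
        pw = (secrets.choice(edges)
              + "".join(secrets.choice(middle) for _ in range(length - 2))
              + secrets.choice(edges))
        if not check_password(pw):
            return pw

if __name__ == "__main__":
    for sample in ("iloveyou", "Password123!", "x7#Kq9$mPz2v"):  # constructed samples
        print(sample, "->", check_password(sample) or "ok")
    print("generated:", generate_password())
```

The generator draws from `secrets` rather than `random`, so the output is suitable for real credentials.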

How to Create a Strong Password

So how do you make up a good password with all these restrictions? If you have difficulty forming a password, you can have one generated. If you have trouble remembering generated passwords, then you have no choice but to build one that is more meaningful to you, yet still strong and not listed in the dictionary. Here is one tip that gives you a strong password you can still remember. Remember the times before we had algorithms for encryption, when we had to swap the first character of every word or reverse the entire phrase to encrypt a message? We are going to do something like that now. Take this phrase as an example:

“i LOVE Linux more than Microsoft”

Now, except for the first word, I will replace each word with its last three characters, and the words ‘more than’ will be replaced with the symbol ‘>’.

“i OVE Nux > oft”

Next, I will substitute some of the letters with numbers and symbols and join up all the words.


Now you have a password built from a phrase, and you should be able to regenerate it from the phrase that you used. As password generation for personal use does not have any specific rules, this is just my personal guide to building a strong password. If you already have your own way to build a strong password, you are more than welcome to use it. However, do take note of the criteria for a strong password above.

If you have different strong passwords for different accounts, should you keep a record somewhere apart from your head? Imagine that we are living in a world without password management software: the solutions come down to only two, which are writing them down or saving them on your PC. We used to say that it is not safe to write down your password. But with the Trojans around nowadays, I say it is safer to write them down than to save them on your PC, unless you are going to use multiple layers of TrueCrypt encryption to protect your password files. Hence, in modern days, getting your written password stolen is harder than getting your softcopy password stolen. I would suggest that readers write down their multiple strong passwords rather than saving a copy on their PC.

Pay to Create Strong Password

But we are living in the second millennium, so it is not necessary to physically save your passwords when there is password management software around. Of course a little investment is needed, but it is a good investment that can help you solve your password problem. Password management software can cost even less than $30. What you need is to create one really super strong password, and by using this super strong password you can unlock the rest of your remaining 10 or 20 passwords. Apart from password management software, most web browsers come with password management. Never, ever save your password in your browser, unless it is some really unimportant account that you can’t be bothered about. Otherwise, you should not do it. Last and final piece of advice: you should also never save your password on your friend’s PC or on a public PC. Always keep in mind that your password is the most confidential thing you have, and thus you need to know how to create a strong password.

About Alan Tay

This blog is owned and operated by myMediaInc. My Media operates content based online portals for IT professionals, technology managers and decision makers as well as business leaders. We publish original quality content focused in Software Development, IT Security, SaaS, Cloud Computing, Outsourcing, Project Management and Mobile and Wireless. Our mission is to explore how to help you optimize your resources in each of these areas.



  1. Tan

    I have a few sets of passwords for all my email/website/bank accounts. I have a strong password for anything related to money, which combines special characters, numbers, lowercase and uppercase as you mention above.

    Regarding password software, that might be a problem if someone hacks into your PC and gains access to your password management software. That will be even worse, one shot all die.

    • Alan Tay says:

      It is good to know you have strong passwords for all your accounts.

      Regarding password management, it depends on how you want to use it. If everyone thought that all-in-one is a bad thing, I don’t think cloud computing could succeed today. Password management software usually requires you to have only one single password to secure all of your other passwords. As a result, all you need is one super strong password, and you can make it as long as 20 characters so that it takes a much longer time to crack. If I am not mistaken, it took 5-6 years to brute-force a 10-character password consisting of uppercase, lowercase, numeric and special characters. Of course, when you talk about hacking the PC, that can mean installing a keylogger-type Trojan on the victim’s side. When this happens, even if you separate your passwords out, they are still going to be traceable.
