Passwords that work

A good password is a system for creating codes that are easy to remember but hard to crack. Here's a set of guidelines:

1. Choose a phrase that's at least five words long. It could be a book or song title or a quote. Draw your core password from that, perhaps by using the first letter of each word. For example, the first letters of the book title The Cat in the Hat are: tcith. This step protects you from a dictionary attack, in which someone tries to crack your phrase using known words (and proper names).

2. Alter some of it. Replace some lowercase letters with capital letters, numbers or symbols. For example: Tc!tH capitalizes the first and last letter and replaces the "i" with an exclamation point. (You could replace an "a" with the "@" symbol too.) Make it simple; don't write your system down.

3. Customize the password for each use. Add a character or three to the core password to ensure that every pass phrase is at least seven characters long and includes a number. Generate an extra letter and number based on the name of the program you're accessing. For example: o5Tc!tH could be a password for a Yahoo Web mail account, adding an "o" for the last letter of Yahoo, and a 5, for the number of letters in Yahoo.

4. Write down your hint. Now you can write down a mnemonic device that will jog your memory without being obvious to anyone else. Hide this piece of paper or keep it in your wallet. For example, you could write down "basic: cat" to recall the Dr. Seuss title.

5. Establish different levels of passwords. Use different core phrases to develop passwords for online banking, for accounts that use your credit card and for those that don't involve financial information. If you can't change your password every 90 days, do so whenever daylight-saving time starts and stops.

Source: Adapted from 'How to write better passwords at

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

More about Yahoo

Show Comments

Featured Whitepapers

Editor's Recommendations

Brand Page

Stories by Sarah D. Scalet

Latest Videos

More videos

Blog Posts