Easy tricks anyone can use to memorize complex passwords

Why you shouldn’t follow the minimum password strength requirements!

A password is normally one wall (and sometimes the only wall) preventing an attacker from gaining access to your systems or data. Most of what are considered strong passwords require:

  • 8 characters
  • One Capital
  • One Lower Case
  • Number
  • Symbol

Here is an interesting fact: a password of this complexity can be cracked in 48 minutes using a couple of the latest graphics cards.

Check out the length of time it takes to brute force a password.

[Chart: the time it takes to brute force a password]

Because technology is always changing, we need to make sure our passwords are complex enough to evolve with it. 20 years ago, a password of this complexity would’ve taken years to brute force. Of course, we now have biometrics, single sign-on, and multi-factor authentication, which are all great ways to increase user security. However, at the heart of most things, like logging into our computer in the morning, or logging into a website or bank account, passwords still reign supreme.

| Number of characters | Possible combinations with letters, numbers and characters |
|---|---|
| 6 characters | 109 billion combinations |
| 8 characters | 521 trillion combinations |
| 10 characters | 171.3 sextillion |
| 12 characters | 475 sextillion |

P.S. Sextillion is 21 zeroes

Why patterns are easy to crack, even though we think we are clever!

Making your password 12 characters long exponentially increases the length of time it takes to brute force a password.

You have a few options when it comes to passwords: come up with a complex password that looks something like this: !Ey$9N4&ju7MOr, or develop a method of creating complex passwords that are very difficult to guess. Before we go down this road, let’s remember some basics:

  1. A strong password is not something that can be easily guessed. Using passwords like “password” or “1234” is ineffective because they have probably been leaked on the dark web already. Hackers typically go after these databases first to see if any of the passwords match what they are looking for. Use patterns that are not easy to guess in order to keep your information safe!
  2. You might be thinking: OK, 12345 is too simple, so what if I use 963258? They will never guess that combination! Well, sequences are actually very easy to guess. Let’s take a look, and I’ll show you that those “super complex” straight-line patterns are also the first things that are guessed.

[Image: numpad pattern]

As you can see here, anything that looks like a pattern on your keyboard is also easy to guess. So a number that might seem random looks like a simple shape on the numeric keypad. If you think you are the only clever one to think of this pattern, you are wrong…

  3. Another thing to remember is to never use personal information in your password. Odds are your information was part of many leaks and everyone already knows your date of birth, social security number, address, and phone number.
  4. Try using special characters in your password! Your keyboard has 40 symbols that you can use instead of letters or numbers. Using a combination of characters and symbols makes it much harder for someone to guess your password. You might be wondering, well, that’s pretty difficult to remember… How will I ever remember my password?
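
The following Python example is added here and is not from the original article. It screens a candidate password for the weaknesses listed above: a match against known passwords, a straight run like 12345, and a numeric-keypad walk like 963258. The deny-list is a constructed sample holding only the passwords named above, the function names are illustrative, and each check looks at the whole string only.

```python
# Constructed sample deny-list (assumption): only the passwords named in the
# article. A real check would load a full leaked-password list instead.
COMMON = {"password", "1234", "12345"}

# Physical layout of a numeric keypad: digit -> (row, column).
NUMPAD = {
    "7": (0, 0), "8": (0, 1), "9": (0, 2),
    "4": (1, 0), "5": (1, 1), "6": (1, 2),
    "1": (2, 0), "2": (2, 1), "3": (2, 2),
    "0": (3, 1),
}


def is_sequence(s):
    """True if each character is exactly one code point above (or each is
    exactly one below) the previous one, e.g. 12345, abcd, 9876."""
    if len(s) < 3:
        return False
    steps = {ord(b) - ord(a) for a, b in zip(s, s[1:])}
    return steps == {1} or steps == {-1}


def is_keypad_walk(s):
    """True if an all-digit string only ever moves to a neighbouring key
    (horizontally, vertically or diagonally) on the numeric keypad."""
    if len(s) < 4 or any(ch not in NUMPAD for ch in s):
        return False
    for a, b in zip(s, s[1:]):
        (r1, c1), (r2, c2) = NUMPAD[a], NUMPAD[b]
        if a == b or max(abs(r1 - r2), abs(c1 - c2)) > 1:
            return False
    return True


def weaknesses(password):
    """Return the list of guessable patterns found in the password."""
    found = []
    if password.lower() in COMMON:
        found.append("common password")
    if is_sequence(password):
        found.append("sequence")
    if is_keypad_walk(password):
        found.append("keypad walk")
    return found


if __name__ == "__main__":
    for candidate in ("password", "12345", "963258", "!Ey$9N4&ju7MOr"):
        print(candidate, "->", weaknesses(candidate) or "no pattern found")
```

An empty result only means none of these three patterns matched; it says nothing about the password's length or randomness.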

 

What’s better than a password you might wonder? A passphrase!

Let me show you a technique that you can use to make complex passwords much easier to remember!

Although it could be argued that passphrases follow a natural pattern of speaking, where nouns are followed by verbs, making one 12+ characters long and including special characters will certainly make the password more complex. Let’s take a few phrases and show you how you can turn them into an actual password.

My dog chases other animals: turns into mYd0g(h4sesOtherAnimA!s

To remember a 12+ character long password we are using two techniques here:

  1. Remembering a phrase, which is very simple to do. We should change this phrase often and use a different phrase. For example: “My dog chases cats” instead of “animals” as in the example above.
  2. Remembering a pattern. In this example:
     • The first letter is not capitalized, but every other letter beginning a new word is capitalized
     • A’s are capitalized, and lowercase a’s turn into 4’s
     • Instead of C we are using the parenthesis
     • O’s turn into capital letters
     • L’s turn into !’s

Now that you have this pattern memorized, you can apply it to any phrase.

For example, let’s take a look at:

Bulldogs won today’s game: turns into bU!!dOgsWOnt0d4ysG4me

That is a 19-character password that would be EXTREMELY hard to brute force, and you are using a pattern similar to the one for the first password. Now all you have to do is remember the pattern and the phrase, which can be anything you want them to be, and apply this cypher to make very long and complex passwords. There is another trick you can use: special characters that add complexity but still keep it simple!

Use emoticons

In conjunction with the passphrases, you can also use emoticons in your password. For example, you can take that same really simple 8 character password (that would be brute forced almost instantly) and add a lot more complexity to it by putting a few emojis in it! Adding these to the beginning, end, middle or both ends of the password turns it from Password123 to :/Password123:D, taking it from a password that could be brute forced instantly to something that is 17 characters long and would take only 1 billion years to brute force. That is something we can all be 🙂 about.

Doing something simple like this just made this password exponentially harder to brute force.

By combining both of these easy-to-remember techniques, passphrases and emoticons, you will create a very long and complex password that is also easy to remember. Consistency is the key here: practice this method a few times and it will all become second nature to you!

Benefits and Pitfalls of Password Managers

A password manager is a tool that will generate, store, and manage your passwords. Password managers can be integrated into web browsers to automatically fill in forms online.

They are great for users who have trouble remembering their passwords, but they also serve another purpose: convenience! It would take too long to manually enter all of your passwords, so a password manager makes it easy to quickly access all of your passwords with just one login.

 

Password managers can also remind you to change your passwords regularly and alert you if any of your accounts have been compromised. They are often encrypted with military-grade encryption, which means that even if someone were to gain access to the database, your passwords will remain safe.

Although password managers generate randomized and difficult-to-hack passwords, you will likely never remember one of these long strings of characters. If you need to log into an account from a computer that doesn’t have your password manager installed (for example, at work), it becomes much more complicated: you would have to use your phone to look up the correct password for that particular website or application. Password managers also usually require an actual password to log in to your computer at first, and if you’re working on a remote desktop session, chances are they won’t work there either. So, in those situations, you would have to use the technique I just showed you or get passwords from your phone every time.

Dmitriy Teplinskiy
I have worked in the IT industry for 15+ years. During this time I have consulted clients in accounting and finance, manufacturing, automotive and boating, retail and everything in between. My background is in Networking and Cybersecurity.