By: Alex McOmiePassword manager reviewer
Editor: Owen DubielIT security and VPN expert
When you think of a memorable password, you probably think of something brief. However, longer passwords can be more secure and even easier to remember than shorter ones. Regular passwords are still more popular than passphrases, but passphrases have gained broader recognition over the last few years.
Unlike conventional passwords, passphrases are made up of a set of full words. Each of the individual words usually is separated by a dash or other mark. For example, a passphrase could be something like wooden-overpass-brilliant-policy.
Passphrases are much longer than most passwords, which makes them resistant to many kinds of attacks. Even if you only use lowercase letters with no numbers or special characters, the length alone does more than enough to keep your account safe.
Bitwarden found that this 10-character password, which contains capital and lowercase letters, as well as numbers and special characters, would take just 12 days to crack. That might sound like a long time, but it’s important to remember that you may not be able to react immediately when someone is trying to compromise your password.
In contrast, something as simple as i-like-marvel-movies brings the estimated time to track up to the scale of centuries. Even though this password sounds simple, it would take thousands of times longer to crack than the much less memorable password above.
Since they contain full words rather than a more random combination of characters, many people find that they’re easier to remember. You can come up with unique passphrases yourself or rely on a password generator that supports passphrases.
With many websites and apps enforcing password requirements, it’s common for internet users to add numbers or special characters to the end of their passwords. Similarly, people tend to put capital letters at the very beginning. For example, if you want to use the base password “biorhythm,” you might come with something like Biorhythm123!.
Adding length and different types of characters is a good thing, but these kinds of patterns are well-known in 2023. You need to integrate these types of characters to protect your accounts fully. Fortunately, this shouldn’t make your passwords any more difficult to remember.
For example, !bIo3rHy2tHm1 would be much more difficult for someone to crack, even though it still follows an easily recognizable pattern.
Think about it like this — if someone knew that your password involved the word “biorhythm,” you wouldn’t feel very secure with the Biorhythm123! Password mentioned above. On the other hand, it would still probably take them hundreds of guesses to come up with !bIo3rHy2tHm1. This is a good demonstration of the fact that you can use memorable patterns in your passwords without making them predictable.
Remembering specific strings of characters can be extremely difficult, especially when you’re working with many different accounts. You can make things a little easier on yourself by using a specific keyboard pattern that’s easier to remember than the characters themselves.
For example, you might use a pattern of one character, then three to the left, then two down, then four to the right. That could lead to a full password of “0987ujkl;'” — the keyboard pattern is more like a lock combination than a conventional password, which should make it very easy to remember. At the same time, it contains 10 total characters including different types of characters, and it doesn’t include any recognizable words.
You could make things even more complex with other shapes and patterns. The password “[p;’weds87ui” is made up of three different squares from around the keyboard.
By placing the mnemonic on the physical keyboard instead of within the characters themselves, you could add memorability without making a password easy to guess. However, you still need to watch out for obvious strings and patterns like qwerty.
Similarly, you can have multiple words stacked on top of each other instead of having them placed in sequential order. This strategy comes with most of the same benefits of a typical passphrase, but it makes the password much more difficult to work out.
Instead of i-like-marvel-movies from above, you could use something like ilmm-iao-krv-evi-ee-ls. This password starts with the first letters of each of the four words, then the second letters, and so on.
On one hand, this password is essentially as easy to remember as i-like-marvel-movies. As long as you remember the four words, you shouldn’t have any trouble putting the whole password together.
Still, the new password is virtually indecipherable to anyone who doesn’t understand the pattern. Most people would have trouble committing “ilmm-iao-krv-evi-ee-ls” to memory, even if they saw it written out in plain text. This is a great alternative to conventional passphrases for anyone who doesn’t feel secure with a password that contains full words.
Remembering all of your passwords is great if you can pull it off, but most people struggle to keep track of their passwords even if they use good strategies. With typical internet users maintaining many different online accounts, trying to stay on top of passwords on your own isn’t a very realistic option.
Password managers do most of the work for you and eliminate the stress and confusion that comes with remembering passwords. In general, password managers accounts are secured with a single master password. The master password controls access to all the other passwords, so you don’t need to remember the rest of your passwords as long as you remember the master.
Furthermore, top password managers can create strong passwords, analyze your existing passwords, and perform a variety of other helpful functions. Look at our list of the best password managers in 2023 for more information.
The need to remember passwords leads people to some risky practices, such as using obvious passwords or using the same password on every account. Even if you want to remember all of your passwords, that’s not a good reason to put your information at risk. These tips should help you come up with strong, unique passwords that are still relatively easy to memorize.
Still, most users find it more practical to stick with a password manager that can store passwords for them. With free and low-cost password managers available, you don’t need to break your budget to save and share passwords across devices.