Creating a secure password can be a daunting task at first.  When you look at the requirements of some sites, you may wonder how you will ever remember the secure password.  Remember, you should NEVER write a secure password down and keep it by your computer.  If you must write a secure password down, keep it in a secure place, like a safe.  But if you follow the recommendations in this article, you will never have to write it down.

A secure password is based on two requirements:  (1) Length and (2) entropy.  Length is determined by the number of characters in the secure password.  For instance, the password "password" has 8 letters, therefore its length is 8 characters.  Pretty simple.  Entropy has to do with the ability to guess the password.  In our example "password" is very easy to guess, so it would not be a secure password to use.  Also, it's a common English word that could be found in the dictionary.  A dictionary-based attack could easily crack this password.  On the other hand, a password like L8?j would be difficult to guess, and could not be cracked with a dictionary-based attack, but the length is too short.  This password could be easily cracked using a brute-force attack.

A brute-force attack is where a hacker will use a computer program to run through every possible combination of numbers, letters and symbols to crack the password.  Our previous password of L8?j would be cracked in a matter of seconds with a brute-force attack.

Many websites require a minimum length of 8 characters.  Recent studies have shown that this length is not secure enough.  It could be cracked in a matter of minutes.  Professionals are now recommending a password length of at least 14 characters, with at least an uppercase letter, lowercase letter, number and symbol.  To meet these requirements, a password of "u9&kLT6!e@3,js" would be very difficult to crack, but almost impossible to remember.  But don't worry, I will show you two different ways to create a secure password that is easy to remember.

One way to create a secure password is to take an easy to remember password, and substitute the vowels for symbols.  For instance "MickeyMouse" is easy to remember.  We already meet two requirements for a secure password.  It has uppercase letters and lower case letters.  Let's substitute the vowels with numbers.  The easiest way to do this is to put the vowels in order and just use the corresponding number.  For example, "a e i o u" could be substituted with "1 2 3 4 5".  Now our MickeyMouse password becomes


Our password is looking more secure.  "MickeyMouse" is usually two words, so we can use a symbol to separate the words.  How about the "&"?  Now we have:


We are still two characters short of a secure password.  How about we begin the password with the first initial of my first name.  So "s" in this case.  And end the password with the first initial of my last name, which is a "b".  So now our password is:


Now we have a secure password that is very difficult to crack, but easy to remember.  All you have to remember is your initials, "12345", an "&" and "MickeyMouse".

An even easier way is to use a pass phrase instead of a password.  Did you know that a "space" is considered a symbol?    Pass phrases are short sentences that are easy to remember, but difficult to crack or guess.  Here is an example passphrase that would meet all the above requirements.

I Wake Up At 7:00am

It doesn't get much easier to remember than that.   It has 19 characters, uppercase letters, lowercase letters, numbers and symbols.  Everything needed in a secure password.  Which is easier to remember, "u9&kLT6!e@3,js" or "I Wake Up At 7:00am"?  Obviously the latter.

For even more security, you can substitute the vowels for numbers, as in our previous example.  So, our new password becomes:

3 W1k2 5p 1t 7:001m

Using the methods that I have shown you, you can create a very secure password that meets all requirements and is easy for you to remember so you won't have to write it down.  Consistently use the same methods, and you will never forget a password again!