I have had this post sitting in my draft folder for many months half completed. This past weekend I saw that brownstudy.info posted Creating random passphrases for stronger passwords (link down August 2019), which reminded me to finally complete this post.
In 2014 and 2015, I posted a series on tightening up your online security. This is not a technical blog, but I saw the idea of reducing risk as complementary to my fitness and nutrition views. You can see that series here:
When I first started using a password manager, I would let that application generate secure passwords for me. I’d give it some parameters, such as length and whether I wanted numbers or special characters, and it would dump out something like this:
That is a secure password. I’ll never remember it, but that is OK because I have a password manager. Right? Well, no. The reason is that sometimes I need to connect to an account from a device where I do not have my password manager installed, such as my Kindle 6. It would be a lot easier to type in a password that was just as secure (or more secure) but also human-friendly.
In the article linked to above, you will see the dice method for creating passphrases. I think that is a good start, but I have developed a more memorable technique.
The Mad Libs Password Method
My method is based on the series of kids' books called Mad Libs. Remember those? You would answer a series of questions asking for word types and then your answers would be used to make up a new sentence. The sentence was often funny and memorable. But more important for our needs, it was long.
And remember that when creating a password or passphrase, length is your friend. Longer passwords are more difficult to crack than shorter ones.
Building Your Mad Libs Style Passphrase
Sentences are basically a combination of names, actions, adjectives, adverbs, and numbers. That was my remedial-English explanation, so don’t quote me. To get those words, I’ll come up with questions to narrow my focus.
- A famous person from the 1970s
- An action verb
- A color
- An animal
- A number
- Some special character bling
Example #1 Answers
We are off to a good start. I already see the sentence forming. I’m going to add the word WITH to make it more readable.
That passphrase is 30 characters long. It is memorable. It is visual. You will not misspell it typing it into a mobile device. It is perfect.
If you wanted to write down the new passphrase but didn’t want others to see the paper, you can put together an image like I just did. There are enough reminders in the image should you forget. I would only use this technique for the master passphrase for your Password Manager.
- Flavor adjective
- A word used on Star Trek
- Action verb
- Former President
- Some special character bling
Example #2 Answers
Now you can imagine Abe Lincoln behind a counter selling tribbles for $99 with a sign saying that they are crunchy. The visual is very memorable. And the password is unbreakable.
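The template idea above, as an added example that is not part of the original post: it fills the first template's slots with picks from a cryptographic random source and computes how many bits of entropy the result has when an attacker knows the template and the lists. The word lists, the sentence shape (person, verb, WITH, number, color, animal, bling, joined without spaces) and the function names are assumptions made for illustration.

```python
import math
import secrets

# Constructed sample lists, one per slot of the first template in the post.
# They are tiny on purpose; the words are illustrative, not the author's answers.
SLOTS = {
    "person": ["Elvis", "Farrah", "Nixon", "Bowie", "Cher", "Pele", "Travolta", "Ali"],
    "verb": ["Juggles", "Paints", "Chases", "Tickles", "Races", "Feeds", "Hugs", "Rides"],
    "number": [str(n) for n in range(10, 100)],
    "color": ["Purple", "Orange", "Green", "Pink", "Silver", "Brown", "Yellow", "Teal"],
    "animal": ["Llamas", "Otters", "Geese", "Badgers", "Goats", "Owls", "Crabs", "Moles"],
    "bling": ["!", "@", "#", "$", "%", "&", "*", "?"],
}
# Assumed sentence shape; any entry that is not a slot name is a literal word.
TEMPLATE = ["person", "verb", "WITH", "number", "color", "animal", "bling"]


def generate(slots=SLOTS, template=TEMPLATE):
    """Fill each slot with a CSPRNG pick; literals such as WITH pass through."""
    return "".join(secrets.choice(slots[t]) if t in slots else t for t in template)


def entropy_bits(slots=SLOTS, template=TEMPLATE):
    """Bits of entropy when the attacker knows the template and the lists."""
    return sum(math.log2(len(slots[t])) for t in template if t in slots)


def list_size_for(target_bits, n_slots):
    """Entries needed per slot (equal-sized lists) to reach target_bits."""
    return math.ceil(2 ** (target_bits / n_slots))


if __name__ == "__main__":
    phrase = generate()
    print(phrase, "-", len(phrase), "characters")
    print(f"{entropy_bits():.1f} bits with the sample lists")
    print(list_size_for(60, 6), "entries per slot would give 60 bits")
```

With only eight choices in most slots the phrase carries about 21.5 bits however many characters it has, so the number of candidates per slot matters as much as the length of the sentence.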
Practice Typing the Passphrase
If this is your Master Passphrase, I recommend typing it several times. You not only want to commit the sentence and image to memory but also connect with the sequence of the characters as you type. If the passphrase is too hard to type, go back and create a new passphrase. And to keep the memory active, set up your password manager in a way that forces you to type it a few times a week.