A Guide to Crafting Strong and Memorable Passwords

There are numerous ways that people have come up with to manage their passwords for all the different digital resources that modern life demands. I remember a time when I actually knew all of the people in my life’s addresses and phone numbers from memory. For the younger generation that always had smartphones this revelation has been met routinely with astonishment and disbelief. I must say, that as I try to remember one person’s address and number who is a regular player in the unfolding story that is my life I find myself coming up empty unless their current number predates 2002.

For some reason, password management has not made the logical progress that numbers and addresses have to the point that we have a secure repository to keep them in and easily recall them from despite such technology being readily available to anyone who wants it. This article will dive into some of the considerations around crafting an approach to password management that fits your needs. 

Like shopping for anything else in life if you want to approach it wisely you need to do some thinking about what you need and want. Is this for personal or business use? If the latter what are the specific needs of your company and its users? Are there regulatory or policy compliance requirements or concerns? These are just a few examples of questions that should be considered regarding understanding if a solution is a good one for you. Make sure you hammer out your criteria before you start searching for a solution lest you find yourself shoehorning yourself into an ill-fitting solution that does not cover your needs. 

The common features of password management solutions are all great for solving the frustration surrounding the management of potentially thousands of passwords. You have your email, your bank account, your various bill payments, your retirement accounts, your streaming services, and the list goes on and on. Every year there is a new “thing” that begs you to create a new password and not forget it. 

A lot of people just reuse the same password for everything…don’t be like them.

A better approach, if you are not yet doing it can be found in the use of passphrases as opposed to simple complex passwords.

So instead of using your cat’s name “Mist3rMittens!”, you could use a phrase that is easier to remember and harder to guess, “I like dog5 better than cats!” is super simple to remember that the first “S” is a “5” and there is an exclamation point at the end. The length of passphrases and their use of spaces and numbers make it very difficult for someone to guess or “brute force” (which is simply a method of automated guessing). 

There are several concerns around picking a solution but if the features and the customer feedback all align with your needs that is the biggest concern. Most of the solutions available have a market focus that makes them better for users, better for small businesses, or better for large enterprises. Let’s step through a few in each category. 

Users and small businesses are nearly indistinguishable from each other when needs are being considered. There is generally not a need for the bells and whistles that are a requirement for enterprise customers. Suppose you are looking for a simple place to manage your passwords for consumer-facing products that come with devices and services like those provided by Apple. Their iCloud native “Keychain” legacy service can be found on any MacOS or iOS device under Settings>Passwords. It allows anyone with an iOS device, like an iPhone, the ability to securely manage passwords in a way that is integrated into their device’s operating system. For Android users there is Google Password Manager

The core feature of these solutions is ease of use and integration with the device’s operating system. Simply put, the thing just works. As for how safe it is that is a matter of how you use it. The tools generally have a password generator and can leverage biometric or pin-based methods to safeguard access to your passwords and the key to any solution for managing your passwords is saving them and keeping them safe in a way that isn’t too much of a hassle. 

Apple iOS and MacOS can provide the keychain service over the backbone of Apple’s iCloud service. The solution can detect username and password pages and based on the URL/address you are at call up the username and password that goes with it. 

Enterprise or business solutions add degrees of control that allow an organization to oversee the administration of users accounts in ways that do not compromise the confidentiality of the credentials being stored. These solutions will have features like MFA or Multi-Factor Authentication and Single Sign On or SSO integration, policy creation, shared access, and compliance alerting and reporting. 

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top