For my Cybersecurity class, I presented an extra credit lesson on how to create secure and easy-to-remember passwords that would help people with vision loss (inclusive of low vision/blind) create strong passwords and avoid reusing the same easy-to-guess password everywhere. Here is a copy of the presentation in blog post form that talks about password safety and coming up with passwords that can easily be remembered while still being difficult to crack.
It’s tempting to use the same password for everything, and I know a lot of people who do this, even though they know it is a bad idea to do so. But just how bad of an idea is it?
One of my favorite tips for how to create secure and easy-to-remember passwords is to use a base password that changes for each website, adding characters, symbols, numbers, and other things to make it secure and unique. To demonstrate what this looks like, I will use the base password “frenchfries”. Another popular choice I’ve used for coming up with base passwords is song lyrics, because I can write the song name in a password book without having to write out the actual password.
Adding capital/uppercase letters, especially at different intervals, makes passwords more difficult to guess. “frenchfries” can be upgraded to “FrenchFries” or “FrenchFrieS”, which is more difficult to guess while being easy to type.
Replacing letters with similar-looking numbers within a word can help with security, especially if there are alternating numbers and letters. Using the “frenchfries” password, users can replace the vowels with corresponding similar-looking numbers, so the password would be “fr3nchfr13s” instead.
Adding symbols can help make passwords more secure too. For users that use modified keyboards, pick easy-to-reach symbols such as periods, dollar signs, exclamation points, or similar. Our base password can be improved by adding just one symbol, but I usually add a few more and combine it with uppercase letters and numbers too. Some examples are “?frenchfries”, “frenchfrie$”, or “french.fries”.
Remember how a program could guess a short password in 30 minutes? Add on a few extra letters or words, maybe even creating a sentence for a password. Examples could be “largeorderfrenchfries” or “ilikefrenchfries”.
When I use passwords that form a sentence, I typically use camel case or pascal case, capitalizing different words in the sentence. So the passwords would actually look more like “LargeOrderFrenchFries” or “iLikeFrenchFries”.
Here’s a cool password trick I learned to make passwords longer. Add the website name to the end of the base password so the password is easy to remember, yet different for each website. Again, add symbols, numbers, and uppercase letters to make it even more secure. If I was logging into X (formerly Twitter), my password could be “frenchfriestwitter” or “frenchfries.Twitter”, modified with uppercase letters and numbers.
There are many great password management and generator programs, such as LastPass. However, if you frequently use accounts on devices that are not your own, such as in a computer lab, I would caution against having this software generate passwords, though having it store passwords is fine. It’s also worth noting that some websites may not support using password management tools; my university and bank are two examples of websites that do not support this.
By Veronica Lewis/Veronica With Four Eyes, www.veroniiiica.com
Updated March 2024; original post published October 2017.