Thinking up good but memorable passwords

Discussion in 'Community Discussion' started by Applespider, Feb 20, 2006.

  1. Applespider macrumors G4


    Jan 20, 2004
    looking through rose-tinted spectacles...
    I was talking to someone at work today about thinking up memorable passwords which were secure enough not to be easily guessed.

    He came up with a few options like taking two old car number plates and mixing them up or using two old pet names and mixing up the first initials etc But two of the rest of the group still go confused.

    I countered with my usual method for coming up with an 'interesting' password which is to think of a song lyric (the more obscure the better) and use the first initial of each word in the line which generally comes up with something weird enough that it comes up flagged 'green' in OS X's password finder (I just don't find any of those generated to be memorable enough) but easy enough to remember just by singing along in your head

    So at Christmas you might have 'Hark the herald angels sing, glory to the new born king' which would give you a password of hthasg2tnbk - not great in terms of numbers/letters mix but you get the idea!

    Anyone else got any foolproof methods of coming up with secure but memorable passwords?
  2. macEfan macrumors 65816


    Apr 7, 2005
    Forbidden, you do not have access to that server
    thats a good sugestion. I can't remember my passords very well, as I have too many of them... I write them down and lock them in my file cabinet. Only the important ones i only remember in my head. I don't write passowords to anything with sensitive information.
    If you can't remember passwords, consider a biometric finger device. it will use your finger as a verification device. I find it quite nifty.
  3. Lau Guest

    I use a 'theme' and then use that theme for all my accounts. Lets say, for the sake of arguments that it is a colour. (It isn't :p)

    This is split into sections, say 3 - spammy hotmail type unsecure passwords, medium security (online shopping details etc) and uber-security (website FTP password, primary email accounts, banking, etc)

    In the colour example spammy might be "red", medium might be "navyblue" and uber might be "cadmiumyellow". I then mix these with numbers or symbols, say into "r3d", "n9*yblu8" and "c8dm1)mye110£" or similar.

    It means I only have to remember a few passwords, but hopefully they're quite secure, which is nice. :)


    One of the interactive media tutors at college uses one password which he then adds the name of the site to for each site e.g. yellowamazon, yellowmacrumors, etc, which I thought was a good idea for all the hundreds of shopping sites etc that require a password.
  4. balamw Moderator


    Staff Member

    Aug 16, 2005
    New England
    Another way I've found convenient is to interleave two words from a poem/address/song lyric/etc... e.g. using the example AppleSpider used you could end up with HaEnRgAeLlDs from "herald angels", there are variations based on how you mix uppercase and lowercase and include punctuation and symbols or numbers.

    Another one that is useful is to make a phrase that includes one of the symbol keys as part of the phrase. e.g. *Jones (Star Jones) or |layer (pipe layer) or PayThe|er (pay the piper) Fun@TheBeach (too clear).

  5. Applespider thread starter macrumors G4


    Jan 20, 2004
    looking through rose-tinted spectacles...
    Having now reread your post, I've remembered it but I did have a quick search on password to see if it was here that I read it but it didn't pop up in the first few pages... Ah well.. consider a reminder for those who weren't around 18 months ago ;) I didn't even recall see Stubeeef's recent comment on there
  6. Abstract macrumors Penryn


    Dec 27, 2002
    Location Location Location
    Who cares, it was 18 months ago. Carry on.

    My password is my old phone number, including the area code.
  7. EGT macrumors 68000


    Sep 4, 2003
    I have a system similar to Applespider's.

    I only have a few that I use between various things which isn't the best when you're trying to be secure. Which reminds me; does anyone use one of those password storing apps?

    No matter how secure they say they are, I still don't like the idea of grouping all my passwords together on computer. I have the main ones listed at home locked in my desk.

    If you try and steal anything the desk will shock you. :p
  8. cslewis macrumors 6502a


    Jul 23, 2004
    40º27.8''N, 75º42.8''W
    My passwords are somewhat secure... but since I never remember each one for each service, i've limited myself to five. When I need to open one of my accounts, instead of digging out a directory of passwords, I just try each of the passwords until one works. And because I have five, there's no chance that i'll be 'locked out' from logging in.

    Yes, I realise that having the same passwords for different services isn't too smart, but am I really that important?
  9. w_parietti22 macrumors 68020

    Apr 16, 2005
    Seattle, WA
    I usually use a pet name and year of their birth... I have lots of pets. :)
  10. emmawu macrumors 6502

    Jan 19, 2005
    Wauwatosa, WI
    I like to think of "what would secret service code name be" like the Eagle for POTUS, or an old tv show you liked like star.trek_ng, or just MR.ED. :D
  11. mgargan1 macrumors 65816


    Feb 22, 2003
    Reston, VA
    what bothers me is when you have to change your password every couple of months!!
  12. mad jew Moderator emeritus

    mad jew

    Apr 3, 2004
    Adelaide, Australia
    I just use "password". I assumed everyone did this. Patiently waits for the amateur hackers, latestepics in hand...
  13. rendezvouscp macrumors 68000

    Aug 20, 2003
    Long Beach, California
    I'm not very secure about passwords. I have one main one, which I use for everything save a few exceptions, such as when a combination of letters and numbers is needed; about a year ago, I decided to start changing my passwords over to different things, but I only ended up changing my Google password.

    My main password is a combination of numbers that are the most important numbers in my life, but they have nothing to do with my birth date, social security number, etc.
  14. applekid macrumors 68020

    Jul 3, 2003
    Or the more secure passw0rd. ;) (That was our default password for the accounts at school at the beginning of the year when our login accounts were reset)
  15. gauchogolfer macrumors 603


    Jan 28, 2005
    American Riviera
    I have a system at work that I like pretty well, since we have to change passwords every few months. It goes like this:


    So, for example: Eight=4+4! or Seven=3+4!

    I rotate these through from 1 to 10, then I can use 1 again when the time comes. Of course, this can be (and has been, fyi ;) ) changed around to incorporate different characters. I think it gives a good mix of letters, numbers, special characters, and is reasonably long. OneHundred=47+53!! isn't going to get cracked very quickly.
  16. shirley macrumors member

    Jan 5, 2006
    leeds, sunny england hmm
    thinking up memorable passwords

    i use my daughters name spelt backwards then add her date of birth
  17. OutThere macrumors 603


    Dec 19, 2002
    For websites that I don't really care about I use real words that I can type with my left hand. If they want a number on it I add a 1. :D

    For everything else, I formulate passwords as such:


    for example I could have passwords like this:


    pretty secure and very easy to remember, relative to, say: FwU%$1058^%k*

    The words and numbers can be something relative to your life, like:

    (girlfriend's middle name)+(symbols)+(shoe size)+(symbols)+(hair color)
  18. Josh macrumors 68000


    Mar 4, 2004
    State College, PA
    Answering this thread is like saying "This is what I do - now take it as a hint and try to figure out my password!"


    Everyone has their own secret memories, and their own significance for certain words or phrases that might be meaningless to someone else.

    Mix and match some of those phrases that trigger strong memories for you, add in some numbers (and variations of letter case, if you're super paranoid), and you should be good to go.
  19. yellow Moderator emeritus


    Oct 21, 2003
    Portland, OR
    If the word appears in a dictionary, or is a proper name, then interspersing it with numbers and/or alphanumerics IS NOT MAKING YOUR PASSWORD ANY SAFER.
  20. gekko513 macrumors 603


    Oct 16, 2003

    No seriously ... One of my methods for a simple password is to think of two people that I know having sex. And then I make the password as the initials of the first person 6 (6 is pronounced as sex in Norwegian) and then the initals of the second person. :D Then add some symbols of your own choice if you like.
  21. floriflee macrumors 68030


    Dec 21, 2004
    One thing I don't like are those sites that only let you use numbers and letters. Makes thinking up a good, memorable password that much more difficult. :p

    I guess this means I'll have to stop using "changeme"...
  22. Josh macrumors 68000


    Mar 4, 2004
    State College, PA
    Yes it is.

    Any good password cracking device (either human or computer) is not going to check against a pre-defined library of words and phrases.

    That would be fast, but terribley ineffecient. The success rate would be random and low.

    A good device will check 1 character at a time, going through all the possible characters. Once it goes through them all using 1 character, it will do the same with 2 characters, trying all possible combinations. Then, move on to 3 characters, etc.

    Obviously, this is going to take a very long time, but since it crawls every possible combination, it will eventually get it.

    However, using variations in symbols, letters (and case), with numbers, will indeed increase the amount of time it takes for such a bruteforce attack to work.

    Now, bruteforce attacks aren't very common these days, for 2 reasons:
    1) Most sites have a failure limit, and if you enter the wrong password X amount of times in Y amount of time, it won't let you try again - often an email is sent to the person who's login is being used, and sometimes to the site admin as well.

    2) Most passwords these days are hashed (often with a salt) using md5. What this does is converts your password to a (theoretically) irreversable string of data. The salt, which is a random string applied to the password before it is hashed, practically insures your passwords safety.

    Software-based attacks on your password are near useless on the net, especially on forums like MR. The md5 hash + salt would take years to figure out, and VB only allows 5 tries, so that amount of time is increased exponentially.

    If you want to get someone's password on an online forum, the best and most effecient way (unless you have access to the database and hash+salt of the user) is trying your best guess off the top of your head. Obviously this has an incredibly low success rate, and being that this is the most effecient, you can see just how hard it would be.

    Using a psychological profile of the person whose password you want would be your best bet.

    And, because insignificant letters, symbols, and capitlisation are entirely random, they increase the effectiveness of your password, as it's very unlikely a human will guess at those numbers, their placement, and so on.

    (More info on the subject:
  23. maya macrumors 68040


    Oct 7, 2004
    somewhere between here and there.
    We are living in an online and digital society that is constantly bombarded with usernames and passwords. Quite frankly I am getting feed-up with all this. BioMetrics hear my pray. ;) :)
  24. Timepass macrumors 65816

    Jan 4, 2005
    the use of numbers symbles letters in a password make it more secure in the fact that it can not be randomly guess. Brute force is block by guess limits. Now it takes knowing the person and a little thinking. With everything else in there it makes it just a little harder to do.

    For me I have a few basic passwords for none important things. Because my school is so picky about passwords after they found out that 10% of all the passwords used for eraider was the word Password they put in some very strick rules in place. drives me nuts but I have a few creative ways to come up with them.

    We are not allowed to have any part of the password appear in the engish dictinary, must contain at least 1 captical and 1 lowercase and a least 1 number or speical char.

    For me I just went to a bank of foreign words that I know. Came up with password from there. I know what it is in engilsh and what language I used to make it. Really easy to rememeber.

    Go to foreign words great way to come up with some.

Share This Page