How to create strong passwords that you can easily remember

Many users out there are still using passwords like “123456” or “password” that are easy to hack. We provide you with tips on how to create better alternatives and properly manage your login credentials.

Icon by Roundicons www.flaticon.com

Björn GreifEditor

Extremely insecure combinations like “123456,” “password,” and “qwerty” are still regularly reported in lists of the most common passwords. Such repeated or keyboard patterns as well as terms found in dictionaries are not a good choice because they often can be hacked in a matter of seconds using certain technologies.

Secure passwords should never contain a reference to personal information (for example, names of family members or dates of birth). The recommendation is to use a minimum of eight characters — the more, the better — and these should include a mix of capital and lowercase letters and numbers. In creating a password, be sure you don’t simply place numbers and common characters like ! or ? at the beginning or end of an otherwise ordinary word.

Relatively secure and easy to remember are passphrases derived from a sentence. You can, for instance, string together the beginning letters of the words in a sentence, including special characters. When doing so, please do not use a well-known quote or saying. Even better are sentences you think of yourself like “My password has > 10 characters and is only used for my email account.” This would then be shortened to “Mph>10caioufmea”. If you incorporate the service you’re using the password for into the passphrase right from the start, you’ll always know immediately the user account for which it’s used. In creating such a password, however, you should be aware that some special characters might not be available on a foreign-language keyboard or accepted by some websites. You can easily check the security level of a passphrase you’ve created using various online password checkers. But when you carry out this check, do not enter your actual password; rather, only use a password that follows a similar pattern as yours.

Use a password manager

If you don’t want to come up with a password yourself, you can also use a password generator to randomly create combinations of characters. But these passwords are often difficult to remember. In this case, using a password manager allows you to easily manage all your login credentials. Then you only have to remember one master password that does, however, have to be suitably long and complex. After all, anyone who finds out your master password will automatically have access to all your other login credentials.

If you save your login credentials in the Cliqz Browser, you should definitely use a very secure master password.
If you save your login credentials in the Cliqz Browser, you should definitely use a very secure master password.

The Cliqz Browser for Windows and macOS features an integrated password manager that can be secured using a master password. You will find this in the settings menu “Privacy & Security” under “Browser Privacy.” As an alternative, the desktop version of Cliqz also supports LastPass, a browser extension for managing passwords that lets you synchronize your login credentials at no cost across various devices. It must be said, however, that Cliqz has no control over what data LastPass has access to.

In addition to an integrated password manager, Cliqz also offers LastPass integration.
In addition to an integrated password manager, Cliqz also offers LastPass integration.

A unique password for every service

This generally applies: You should never share your password or jot it down on a piece of paper that you keep near your computer. It’s also important to regularly change your login credentials, immediately replace a predefined password with one of your own, and use a different password for each user account. That means never use the same password for multiple web services. This is because you can never be sure that your login credentials are saved securely by the provider. A hacker who manages to get access to login data is sure to try this out at other services, which could lead to identity theft and financial losses. For additional protection, you should always have the most up-to-date security software installed. This helps prevent the computer from being infected with malware like keyloggers, which can directly extract passwords as they are entered.

Beyond employing complex passwords, use of two-factor authentication is recommended. For the login process, most web services have begun to offer proof of identity using a combination of two independent components. In addition to a password, they usually request a code that is, for example, sent during login as a text message to a smartphone. This method is significantly more secure than just using passwords.


CLIQZ FÜR MOBILE