Kadansky Logo

Personalized Computer Services

(617) 484-6657
Home

Services

How I Work

About

Contact

Resources

Newsletter

NEWSLETTER
Practical Computer Advice
from Martin Kadansky

Volume 18 Issue 9

September 2024

Three Random Words: An Easy Way to Create Strong Passwords


The problem: Choosing a strong password seems like a lot of work

 

Passwords are important. They help protect your personal or company data and equipment, your email, your privacy, and more. Passwords that are short, simple, and easy to guess are considered “weak” because they put you at risk from malicious hackers and their software. Choosing “strong” passwords (i.e., ones that are longer, more complex, and unpredictable) is one important part of having good security.

 

Making an unpredictable password includes:

 

  • Not using common passwords, like “password1,” “123456,” etc.,
  • not using substitutions, like “pa$$w0rd1” which hackers already know,
  • not using the same password over and over,
  • not using obvious minor variations, like replacing “Jimbob23” with “Jimbob24,”
  • and not using any personal information, like your birthday, street address, children’s names, etc., since there is already an enormous amount of information about you on the internet.

 

However, it can be exhausting to come up with yet another strong password every time you’re forced to pick a new one.

 

Choosing a strong password: The current guidelines

 

Here’s the very good standard advice about how to choose a strong password:

 

  • Always create a unique password that you’re not using for any other account,
  • with at least 8 characters; some websites might require your password to be longer,
  • and at least one uppercase letter, one lowercase, one digit, and one piece of punctuation (sometimes called a “special character”),
  • and be sure to put it on your password chart (whether paper or electronic) right away since you will never remember it.

 

Read on for my advice on a simple approach that accomplishes all of this and more.

 

An easy method for creating new strong passwords

 

I learned this simple technique called “three random words” from my very knowledgeable computer colleague Adam Frost (http://www.ComputerCareAndLearning.com) who adapted it from recommendations published by the National Cyber Security Centre (NCSC) in London.

 

Here’s an example of a strong password created with this method: Stapler*4289Pasta*Black

 

Follow these steps to construct a new password like that, either when a system or company prompts you for a new password, or when you’ve decided to change it for your own reasons:

 

  • Three random words: Let’s say that you’re choosing a new password for your amazon.com account. Begin by coming up with three words that are not related to amazon or shopping and are not related to each other. If nothing comes to mind, look around your desk or the room, look out the window, think about what you had for lunch, or what you’ll be doing tomorrow. For example, you might pick stapler, pasta, and black, so for the moment the new password is: staplerpastablack
  • Punctuation: Separate the words with asterisks: stapler*pasta*black
  • Capitalize each word: Stapler*Pasta*Black
  • 2-4 digits: Come up with numbers that have no meaning to you or amazon, and avoid “1” or “12” or “123,” etc. Since many people put the numbers on the end, put them in the middle or at the beginning instead: Stapler*4289Pasta*Black
  • Don’t use any spaces.
  • You’re doing great, but you’re not done yet. Enter this proposed password into the system’s “type your new password here” prompt to find out whether it’s acceptable. If it gets rejected, adjust the password as directed and try again. Common problems can include using incompatible punctuation, prohibited words (like your name or the company’s name), re-using a previous password, etc.
  • When the system accepts it, add it to your password chart immediately. For a chart that you maintain with your Windows or Macintosh computer, type it carefully (or use Copy and Paste). For a paper chart, write in pencil (because it will probably change over time), underline (or double-underline) each capitalized letter, and be careful to distinguish zeros from letter-O’s, fives from letter-S’s, etc.
  • Going forward, choose different sets of words and numbers for each future password. Don’t reuse them!

 

There you go! In no time at all and with minimal thought and effort, you’ve just created a new password that is:

 

  • Very strong,
  • 23 characters long, far longer than the minimum recommended length,
  • Unique,
  • Unpredictable,
  • Devoid of any personal information,
  • Easy to type,
  • Easy to write on a piece of paper,
  • and easy to read over the phone to someone else if necessary and appropriate, e.g., to someone that you know and trust who also needs access to the given account, which could include a family member, bookkeeper, consultant, etc.

 

Variations

 

You could just as easily have chosen:

 

  • Different punctuation: Stapler#4289Pasta$Black or Stapler@4289Pasta.Black
  • Different capitalization: STAPLER*4289pasta*black or stapler*4289Pasta*Black or stApler*4289pasTa*blacK
  • Different digit placement: Stapler*42Pasta89*Black or 42Stapler*89Pasta*Black

 

But for now it’s probably a good idea to keep it simple as you get accustomed to this technique.

 

Where to go from here

 

Have fun with this method -- Use it to make creating new passwords an entertaining challenge!

 

How to contact me:

email: martin@kadansky.com

phone: (617) 484-6657

web: http://www.kadansky.com


On a regular basis I write about real issues faced by typical computer users. To subscribe to this newsletter, please send an email to martin@kadansky.com and I'll add you to the list, or visit http://www.kadansky.com/newsletter


Did you miss a previous issue? You can find it in my newsletter archive: http://www.kadansky.com/newsletter


Your privacy is important to me. I do not share my newsletter mailing list with anyone else, nor do I rent it out.


Copyright (C) 2024 Kadansky Consulting, Inc. All rights reserved.


I love helping people learn how to use their computers better! Like a "computer driving instructor," I work 1-on-1 with small business owners and individuals to help them find a more productive and successful relationship with their computers and other high-tech gadgets.

Printer-friendly version

Subscribe to this free newsletter

Go to the Newsletter Archive

 

 

To the Top


All original content copyright © 2002 - 2019 Martin Kadansky

Site designed and developed by and copyright © 2002 - 2007 ozbarron