The password conundrum: Choosing and remembering strong passwords

By Allstate

Last updated: January 1

The password: It protects important personal, professional and financial information online. And you've heard the warnings: Never use the same password across accounts; don't choose familiar words or numbers; change your password frequently.

But, with the number of accounts people need to access, this might be challenging.

It's a password conundrum: How do you keep your data secure and still remember all your passwords? From good old-fashioned memory techniques to tools and apps, here are a few ideas to help.

identity protection, reinvented

Your data is valuable. Time to treat it that way. Allstate Identity Protection helps you secure your data.

Choosing a password

According to GCFLearnFree.org the more diverse and longer the combination of letters, numbers and symbols, the harder a password is for hackers to crack. To that end, they recommend never using personal information, always using at least six characters, including both numbers and symbols, and avoiding words that can be found in the dictionary, among other things.

The United States Computer Emergency Readiness Team (US-CERT) warns us, however, to watch out for common letter-to-symbol conversions, such as using the numeral "0" for the letter "o" or "1" for the letter "i," as cybercriminals' sophisticated tools can catch on quickly.

You should also avoid using familiar phrases, famous song lyrics and quotations, says US-CERT. Instead, they suggest you create passphrases. For example, you could turn "I like to walk my two dogs in Jefferson Park." into "iLtWm2dIJp!"

Remembering passwords safely

Even with the techniques above, when you're managing numerous accounts and using more than one device, it's easy to lose track of some of your login information. If you're still having trouble remembering all your passwords, you have a few options:

  • Use a password manager. A password manager is an app or web browser add-on that securely stores your logins and passwords. You can customize it to autofill your passwords and some apps may even generate (and remember) strong passwords for you, says US-CERT. Some password managers also have an option that allows you to set a master password that helps protect access to all your other passwords and login information.
  • Set password recovery options. Many websites have a password recovery option so you never get locked out of your account. Simply enter an alternative email or your mobile phone number so you can receive an automated reset link in the event you're locked out of your account.
  • Go analog. You can still write down your passwords — just keep your list in a safe place away from your computer, US-CERT says. Don't ever store them in a file on your computer or any devices.

Once you've found a system for choosing strong passwords — and remembering them — you'll be able to help minimize the chances of your data being compromised.