Creating (and Remembering) Secure Passwords

A guide to creating and remembering secure passwords

Over the last few articles in this section of the site, we’ve taken a look at the various ways in which we get password selection wrong. Whilst that’s all very well, we’ve not yet looked at the best ways to create strong, hard-to-crack passwords.

This article is going to take a look at strategies we can employ to improve our password selections and, therefore, their strength.

Part One – Before We Begin

This section contains a list of the things that you need to consider about password creation and use

  • Accept that you’re as likely a target as any other online computer/device user.

Due to the myriad of ways that hackers are able to make use of personal information for their own personal gain, everyone (and I mean everyone) has information contained within online accounts that’s potentially of great value to them.  Just because you haven’t been targeted up to now, doesn’t mean that you won’t be.

  • Keep the whole password affair as impersonal as possible.

Think ‘outside the box’ and don’t choose words or phrases that hold a particular significance for you, such as birthdays or relatives names.  Anyone looking to try and hack into your online life will do their homework first. They’ll scan social media accounts, posts we’ve made on forums or within other online services and build a picture of who/what is important to us.  This information can then be used to build a list of potential passwords.

  • Don’t share your passwords with anyone.

Really, this little gem should go without saying.  And yet, there are a surprising number among us who do share our passwords at some time or another.  Consider it the equivalent of permanently handing someone a set of your keys to your house.  They’re then free to come and go as they please until you change the locks.

Part Two – Choosing Your Password

When it comes to choosing a password, the world really is your oyster and the options limitless. This section contains a few tips for choosing passwords that are both strong and not too hard to remember:

    1. Use a sentence or phrase as the basis for your password –  Rather than choosing a single word or two as a basis for your password, think bigger.  Think of an entire phrase as your starting point for what you’ll use to secure something.  (More on this below)
    2. Make It Long – As we looked at in a previous article, password length can make a big impact on the length of time it takes to crack it. At least 8 characters is ok, more than 10 is ideal.  (It’s worth noting here that some websites and applications limit password length so in some cases we might have to choose slightly shorter ones)
    3. Mix It Up – use a variation of CapItAl and lOwErcASe letters in your password, as well as a couple of numbers.  At least one of each within your password makes a difference, but jumbling a handful up is even better. Try to avoid grouping them together too much if you can.
    4. Give It Some Space – Ok, so many password systems won’t allow you to add physical spaces (although there are a few that will). However, the _underscore_ makes a fairly nice alternative to a physical press of the spacebar and is just as efficient.
    5. It’s All A Bit Symbolic – in addition to CAPITAL letters, lowercase letters and numb3rs, make sure that there’s at least one symbol in there too (@#!*&).  This adds another frustrating curveball for any would-be hacker.  (In some places, I’ve read suggestions to use the computer’s character map/palette to insert special characters.  However, I’d advise against this as entering the password across different platforms might become difficult or impossible.  It also adds more hassle for us to enter them at all and, ultimately, won’t increase our password security that much)
    6. Change Is As Good As Rest – Change your passwords periodically.  Once every three to six months should be adequate in the majority of cases, but you might want to change it more often in some circumstances.
      NOTE: If you have any concerns that any of your accounts might have been compromised, change it’s password IMMEDIATELY


Part 3 – A Working Example

In this section, I’m going to go through the process of creating a secure and fairly easy to remember password, together with explanations behind the choices.

1. Choose My Sentence or Phrase
For this, I’d suggest using a mnemonic device to come up with something.  One such example is the Person-Action-Object (PAO) method.  Just go onto the internet and find an image of a person performing an action to or with an object, something that has an appeal or sticks in your mind.

And here’s mine:

And my POA phrase from this is “cute squirrel dances in the woodland”.

2. Use My Sentence to Create a Password
The easiest way to do this is to take certain letters from our phrase to assemble a password that’s not too hard to remember. In this example, I’m going to choose the first two letters from each word, giving me:


Already, we can see that the above password is little more than a random set of twelve letters and on it’s way to being tough to crack. But we’re not quite there yet.

3. Spaces/Uppercase/Lowercase/Numbers/Symbols
Now we’re going to mix things up a little more with the addition of some random characters. These characters will still hold some meaning though.

a. First of all, lets add a space after what the squirrel is doing, but before we know where he’s doing it:


b. Now, lets throw a couple of numbers in. A useful way to do this is often in place of certain vowels. This will give us:


c. Now, capital letter(s):


d. And lastly, another symbol:


And there we go, we’ve just created a password that’s based on a dancing squirrel. Not bad for ten minutes work huh? Not only that, it’s a password that’s got all the ingredients of being strong, hard to guess and apparently nonsense.

However, the above example I’ve provided might not be the best in terms of being able to memorise it. It’s a random squirrel in a random picture and holds no significance for us. However, we can translate the above into our personal lives.

Say I’ve got 3 children; Larry, Barry and Cornelius (poor bugger) and that their favorite hobby is soccer, which they all play together every Saturday from 11am.

This can give us: “Larry, Barry and Cornelius play Soccer every Saturday at 11am”.

And my password is: “La,Ba&CoplSoevSat@1100”

I’ve stated a series of facts that I’ll remember, I’ve mentioned no full names or other details, the password includes all the right ingredients (upper/lowercase letters, numbers, symbols) and it’s 22 characters long!

Actually, that might be a bit too long. So lets make it a bit shorter: “L,B&CpseS@11”

There we go, now down to just 12 characters and still plenty secure enough.

Part Four – Memorising Passwords

Now that we’ve chosen our password, the next thing we need to do is ensure that we remember it. In some cases, this might not be too much of a problem but what if we have several accounts and we need to remember which one goes with which?

The first thing I’d suggest here is to use a similar “cypher” for all of your passwords. Have certain rules that you use in order to create them. For example:
In any password you create you;

  • only use the first two letters of each phrase word
  • every ‘e’ in the password is replaced with a 3
  • any number is prefixed with # (not including our letter changes)

and so on.

This provides a structure to our password creation and assists in remembering them.

It’s also ok to write them down (in hardcopy) and keep them in a safe place, away from your computer and from any prying eyes. Remember, we’re defending against people trying to remotely access our accounts via a network connection, not from someone rooting through the bottom of your underwear draw. If you do happen to forget a password for a particular account, it’s easily sorted out.

It’s also possible to ‘code’ your written down passwords so that if anyone should happen to see the list, it’s still of very little use. The easiest way to do this is to add an offset pattern, where each coded character is a number of alphabetical letters or numbers higher than the actual character used.

For Example:
with a +2 offset pattern would become:
where the first character (in this case ‘2’) is the offset number. Notice that I also changed the symbol ‘&’ into ‘(‘, because that’s 2 digits higher on the keyboard.

In any case, be creative. Don’t just use the examples I’ve provided here. As I said at the beginning, think bigger!

Part Five – Password Managers

An alternative to a fair amount of what I’ve described here is to use a Password Manager.

“A password manager is a software application or hardware to assist in creating, storing, and retrieving complex passwords from a database. Password managers usually store passwords encrypted, requiring the user to create a master password: a single, ideally very strong password which grants the user access to their entire password database. Some password managers store passwords on the user’s computer (called offline password managers), whereas others store data in the provider’s cloud (often called online password managers). However offline password managers also offer data storage in the user’s own cloud accounts rather than the provider’s cloud. While the core functionality of a password manager is to securely store large collections of passwords, many provide additional features such as form filling and password generation.”

Source: Wikipedia

I’m not going to go into any further detail on Password Managers here, but if it’s something you’d like to consider PC Magazine have reviewed both free and paid versions. I’ve linked both articles below.

Troubleshooting Display Devices

Some common display device problems and possible solutions.

Like all computer hardware, display devices can develop problems and faults. In this article we’re going to look at the more common problems and their possible solutions, starting with the easiest and most obvious.

Dark Screen
A dark screen or unlit power light may indicate that there is a fault to the power supply. This is somewhat fundamental and basic, but I know of more than one person who’s been caught out by it.

  • Check that the power cable is connected to both the display device and wall socket
  • Check that any connected surge protectors haven’t been tripped
  • Check that any circuit breakers haven’t been tripped – If power isn’t getting to any other local devices, then this is a likely cause.

Dim or no Image on Screen
Assuming that the power light of the display device is on, this could be due to an issue with data cables, improperly adjusted settings or the display being in power saving mode.

  • Press the power button to switch the device off, and then switch it on again (the famous “try and restart it” method).
  • Ensure that the data cable is correctly connected to both the display device and the input device.
  • Unless the display is particularly old, you should see an On Screen Display (OSD) message when power is present but no cable connected. In this case, a signal problem is most likely the issue.
  • If no OSD appears when a cable is disconnected then the display itself is likely faulty.
  • If an OSD does appear when the cable is disconnected and the device still fails to show any images, check the brightness and contrast settings. OSDs are not affected by these settings, so it would still appear.
A television OSD – In this example showing the channel and volume

Flickering or Distortion on CRT Devices
Flickering on a CRT (Cathode Ray Tube) type device is most often caused by a disruption to the signal being sent to the monitor.

  • Check the security of the connections between the device sending data to the display device and the device itself. It may need to be adjusted so that it is more securely connected to the video port, or there may be broken or bent pins. Attempt to straighten any bent pins and, in the even that any are broken, replace the cable itself.
  • An incorrect display adapter or adapter drivers may also cause this problem. If the POST (Power-on Self Test) is visible, but then the screen goes black once the system has started, it’s worth attempting to boot the device in VGA mode (‘VGA mode is a legacy mode with minimal video drivers and a screen resolution of only 640 x 480) and to verify that the correct adapter and drivers are being used.
  • The refresh rate may not be set correctly. The rate should normally be set as high as the adapter and device are able to support but, if set too high, it’s possible that this may have damaged the device.
  • Check the proximity to other devices of a similar nature. If a CRT display device is too close to another, then interference may become apparent. Continued interference of this nature may cause damage.
  • Check the colour depth settings on the display device. Incorrect settings may cause unusual effects on the display device.

The Display Switches Itself Off
This is normally caused by interruptions to the power supply of the display device from within the computer system itself.

  • Power Management Settings. These can be altered by going into the CMOS (Complimentary Metal Oxide Semiconductor) settings or in the display settings of the computer’s operating system.
  • The display’s video card is shutting down due to overheating. The only real solution here is to replace the video card or install additional cooling fans into the computer system.
An example CMOS/BIOS Screen

Application Problems
if a display device behaves in an erratic fashion, flickering or going blank from time to time when a specific application is running, it’s possible that the application requires an alternative resolution or colour depth. Right click on an area of the screen that doesn’t contain an application and select ‘screen resolution’ to change the settings.

Defective Pixels
Pixels that make up an LCD display device output will sometimes not display as they should. Generally speaking, there are two types of issues that pixels can fall foul to:

  • Dead Pixels are pixels that don’t display the output ligfht as expected. This is obvious when the LCD is displaying an image and there are black spots visible, containing no light.
  • Stuck Pixels are pixels that only show light so they are noticeable and out of place when the LCD is displaying an image. These lights can show as red, green or blue.

Repairing pixels that have become defective can be rather difficult to accomplish. In this case, the first port of call is to contact the manufacturer to check for warranty information. If the monitor is older and therefore out of warranty, it might be possible to fix the pixels by trying the following:

  • Use a blunt object to apply pressure to the screen in the area of the dead/stuck pixels.
  • Use heat, applied to the area of the defective pixels. In this case, we’re talking only about a hot, wet cloth that’s placed in a plastic bag and then applied to the defective area of the screen.
  • Use a defective pixel software utility. Such examples are: JScreen Fix, Dead Pixel Tester 3 and PixelRepairer.

Colour Issues
If the colour of a display device appears to be presenting incorrectly, the most likely cause is that the settings for the device are wrong. Simply adjust the settings to adjust the screen’s colours.

In the case of CRT displays, it’s possible that the device will need degaussing.

Physical Damage
This is something of a non-starter really. If there is visible physical damage to a display device, the most likely outcome is that it will need to be replaced. Cost and time considerations often mean that repair is not worthwhile.

Distorted Geometry
There are generally two causes for a display device to develop distorted geometry.

  • Running a monitor at a resolution that is not within it’s memory. This is easily fixed by using the standard monitor controls or adjusting the resolution via the computers operating system.
  • Magnetic interference. As mentioned in an earlier section of this post, attempt to move the device away from any possible causes of magentic interference. Again, over time, this form of interference is likely to cause damage over time.

Burn In
Image persistence (also known as ‘burn-in’) can happen with any type of display device. Burn-in is more prevalent on CRT and plasma displays than on LCD and is more likely to be prevented on LCD screens through the use of screensavers.

Oversized Images and/or Icons
Ordinarily, this is simply caused by the incorrect resolution being transmitted to the display device from the computer system. To correct, simply go into the display settings on the computer and adjust accordingly.

Video Card Issues
With video cards, there are some specific problems that can lead to, equally specific, symptoms.

  • If the computer will only boot into VGA mode, it’s very possible that the video card drivers are either missing or corrupted.
  • Visual anomalies or errors in the visual display of an image, known as ‘visual artifacts’
  • A Windows stop error, also known as the ‘Blue Screen Of Death’ or BSOD’ can be an indicator that there are issues with an installed graphics card.
  • Curves, waves, patterns or distortions in the video image.
NVidea GEForce 7800 Graphics Card

Here’s some additional troubleshooting steps to take in the event of video card issues:

  • Ensure that the graphics card is installed and seated correctly on the computer motherboard.
  • Ensure that the latest drivers for the installed graphics card and chipsets on the motherboard.
  • Check for any possible interference with other devices that are in close proximity. Try removing any devices that you suspect may be causing an issue.
  • Ensure the system is not being ‘overclocked’ beyond the capabilities of the installed graphics card.
  • Check physical items such as power cable connections and that all cooling fans are operating correctly.

Study Reference Disclaimer