Tip: How to create a secure password

The math behind secure password selection, and how to choose a memorable password

Author: Neil Patterson :: 2024 Expertek
Updated 11/11/2015 3:30 pm

People ask us about picking strong passwords all the time. There are a few factors to think about when choosing a password regarding how complex it should be, and how to make a strong password memorable.

Firstly, what kind of site is it? Is it a site that you visit every day? Is it a site that requires extreme security? Or is it a site where you don't really care if people break in, or is it someplace in between? The category of site is very important to consider because security needs range from support forums, which don't need a lot of personal security, all the way up to banking and financial sites, which require an extremely strong password.

Ready for some basic (but cool) Math??

Here is a rather simple way to understand passwords: think of how complex your password is going to be in terms of its LENGTH and the number of possible characters. You can then apply that knowledge in a simple way to create a strong yet memorable password.

To start off, we'll use a common code, the PIN. The math works like this:

Using just numbers and a four character password you are going to have:

10 possible Characters

AND

4 characters in Length

This means 10 raised to the fourth power (10^4) which equals 10,000, the total number of possible combinations. Does that seem like a lot? Not really... Now, consider adding letters. Then, you've got 36 possible characters and any 4 character password will have:

36^4 = 1,679,616 total possible combinations, sequences or PASSWORDS.

or just over 1.5 Million. Now, if you add caps to the list, that would mean:

62^4 = 14,776,336 total possible combinations, sequences or PASSWORDS.

That's almost 15 MILLION. When you go further and add in symbols, there are about 10 symbols that you could add to the list of possible (acceptable) characters and that would mean a total of 72 raised to whatever power you choose for your password length.

72^x {x = password length }

(Some symbols are not accepted, like \/-="&*. The website requesting the password will usually let you know if a certain key is not accepted.)

Now, think about HOW MANY characters to use for your password. At 8 characters, that would be 72 raised to the 8th power:

72^8 = 722,204,136,308,736 total possible combinations, sequences or PASSWORDS.

Yeah. That's TRILLIONS.

The last thing to keep in mind is that you only need ONE number, cap or symbol (each) to invoke the higher level of security.

For sites that don't require extreme security you could use a password that is between four and eight characters long. For sites that require extreme security, use passwords of 10 or more characters.

Expertek strategy: Keyboard Sequences/Repetitions

Ok that was the math - Now - How to make it MEMORABLE??? Some experts recommend using combinations of words and then mixing in some numbers and possibly some symbols to add to the security. Sure, that would work. Other gurus say that randomized Cr4zY letter-symbol-swap passwords are best, but we think that these are both hard to remember.

Looking down at your keyboard, you see the keys are grouped in a relatively random order already. By using the shift button with either hand, you can easily and quickly switch between upper and lower case without being seen. The strategy I'm about to tell you is good because it would really take someone OBVIOUSLY staring at you as you type it in to figure it out.

Much like creating your own combination, select groups of 2-3 keys together at various 'locations' across the keyboard. For instance you might choose:

pok OR wer OR 987 OR IJN OR thgy (a little x pattern) OR 6yhntu (a little Cross pattern)

Using your imagination to create another way of looking at your keyboard, you can see there are endless ways to manipulate it to create a memorable password that uses no 'words' and is strong and secure.

You can run these patterns together (combining a 'shifted' sequence) to create Ultra-Strong, Easily Memorized Sequences as shown below...

098yyyNJI!qwe OR !@#123oij999Q (either one contains 13 characters)

72^13 = 1,397,405,517,247,104,682,033,152 total possible combinations, sequences or PASSWORDS.

Yeah. Good Luck Guessing That. See ya next century!!! I lost track after Trillion...
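The arithmetic used throughout this tip can be checked with a short script. This is an added example, not part of the original tip: it works out the character pool from the classes a password actually uses, then reports the keyspace, its size in bits, and the worst-case time to try every combination. The guess rate and the four-character samples are assumptions made up for illustration.

```python
import math
import string

# Pool sizes follow the article: 10 digits, 26 lowercase, 26 uppercase and
# "about 10" accepted symbols (site-dependent, so this value is an assumption).
CLASS_SIZES = {"digit": 10, "lower": 26, "upper": 26, "symbol": 10}


def classes_used(password):
    """Return the character classes present; anything else counts as a symbol."""
    used = set()
    for ch in password:
        if ch in string.digits:
            used.add("digit")
        elif ch in string.ascii_lowercase:
            used.add("lower")
        elif ch in string.ascii_uppercase:
            used.add("upper")
        else:
            used.add("symbol")
    return used


def pool_size(password):
    """Number of possible characters implied by the classes in use."""
    return sum(CLASS_SIZES[c] for c in classes_used(password))


def keyspace(password):
    """pool ** length: every string of this length over the same pool."""
    return pool_size(password) ** len(password) if password else 0


def entropy_bits(password):
    """log2 of the keyspace, the usual way to compare password strength."""
    return len(password) * math.log2(pool_size(password)) if password else 0.0


def years_to_exhaust(password, guesses_per_second):
    """Worst-case time to try the whole keyspace at a given guess rate."""
    return keyspace(password) / guesses_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    RATE = 1e10  # assumed offline guessing rate, not a figure from the article
    # Constructed 4-character samples plus the article's 13-character sequence.
    for pw in ["4821", "k3p9", "aB3d", "098yyyNJI!qwe"]:
        print(f"{pw!r:>16} pool={pool_size(pw):>2} keyspace={keyspace(pw):,} "
              f"bits={entropy_bits(pw):.1f} years={years_to_exhaust(pw, RATE):.3g}")
```

These figures count every string of that length over the pool, so they are an upper bound on guessing effort that is reached only when each character is picked uniformly at random.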

Wikipedia has a wonderful in-depth article regarding password strength.

Lastly, I would like to tell you about RoboForm... It not only keeps track of passwords as you use them and ensures that you're on the right site before presenting your login credentials (stopping phishing attempts), it also has an incredible password generator that offers completely random passwords based on typical rules for top security. RoboForm rocks and you should try the free version. It tracks up to 10 websites for you. We know you will find that it makes using the web not only easier, but more secure. Perhaps you would like to track more than 10 sites, and to be sure, this is THE PERFECT gift for that forgetful friend who is always locking himself out of his websites...
