You can create strong passwords that donít make you memorize a cryptic string of letters, numbers, and punctuation symbols. Here are three techniques:

Use a sentence. Itís easy to remember the first letters of the words in a sentence. For example, children have used this sentence to remember the names of the nine planets: My Very Excellent Mother Just Served Us Nine Pickles. You could use the first letters of those words to generate this strong 9-character password: m*Emjsu9p, where Venus (the morning or evening star) is represented by *, the letter for Earth is capitalized, and nine is a numeral. In practice, itís best not to use such well-known sayings to generate acronyms.


Security expert Steve Gibsonís tips make passwords easier to retain.


Use a pass phrase. Several words mixed with numbers and punctuation symbols is known as a pass phrase. For example: stitch9clock^handsapplausE. The longer the pass phrase, the more secure it is, though youíll be limited by the maximum length the site allows.

Growing the haystack. Developed by security expert Steve Gibson, president of California-based Gibson Research, growing the haystack takes advantage of the ways hackers crack passwords. ďThe first thing theyíll try is the well-known dictionary of most common passwords,Ē Gibson says. ďThen, if they know something about you, they will try to guess things from your life.Ē

To foil that part of the process, Gibson suggests starting with a phrase thatís short but not a common word. That forces the hacker to resort to the slower brute-force approach by trying every combination in existence, which is like looking for a needle in a haystack.

Once youíve accomplished that, ďthe length of the password matters more than its absolute complexity,Ē Gibson says. In other words, make the haystack larger by padding the password with numerous easy-to-remember symbols. For example, the password ďc - @T - - 9 - - -Ē is 10 characters long and is probably not in any dictionary, but itís not very hard to remember.

A caveat: Donít use any of the above examples as actual passwords. Now that they have been widely published, hackers might add them to their dictionaries.