University of Wisconsin–Madison
Computer displaying password window

3 ways to create strong passwords you can remember

Coming up with strong passwords is easy, just bash out 8 to 12 random keys and you’ve got one, but good luck remembering it! Likewise, the traditional, and perfectly good advice for creating strong passwords, making them 8-12 characters long, using number and special characters, avoid dictionary words, etc., has the same problem – it doesn’t always result in a memorable password. This need not be a problem if you’ve got an excellent memory, or if you use a password manager. Tip: The Mac OS has a strong and reliable built in password manager, called Keychain. For Windows users, try KeePass.

The real challenge is coming up with a unique password for every login you’ve got, that is both strong and memorable. Fortunately, we can help you with that. Consider the following methods for creating your passwords:

Use the Person Action Object (PAO) method

Computer scientists at Carnegie-Mellon university recommend the PAO method for creating secure, memorable passwords. The method was popularized in Joshua Foer’s 2011 book Moonwalking with Einstein.

  1. Pick an memorable place, such as “Devil’s Tower”
  2. Pick a familiar or memorable person, like “Richard Dreyfus”
  3. Imagine a random action relating the two, like “making a model from mashed potatoes.”
  4. Now combine these into a mini-story: “Richard Dreyfus modeled Devil’s Tower in mashed potatoes.” This story becomes the mnemonic device to help you remember your password. The images and situation it describes make it easier to remember
  5. Finally, select letters from the mini-story to create a password from, e.g., “RDmodDevTowmp”

Create an abbreviated password phrase

Take a favorite quote, song lyric, line of poetry, or book, movie, or song title, and make it into a password. For example, “To Kill a Mockingbird” becomes “2kll@mbird” or “Ride of the Valkyries” becomes “R1d3V@lk.”

Use a password “recipe”

Memorize a basic recipe, which is to say a set of rules, also known as an an algorithm, for constructing passwords. When you create a new password, you simply change one or two ingredients for the different types of passwords you need. While this may seem complicated, it’s actually an effective way to memorize multiple passwords.

  • For example, if the rule set is:[Movie in Caps] + [Last Digit of Current Year] + [Special Character] + [Site Type in Small Case] then [Gone with the Wind] + [2008] + [Asterisk] + [E-commerce Site] = GWTW8*es
  • and [Gone with the Wind] + [2008] + [Asterisk] + [School Site] = GWTW8*ss

We all vary in what we find easiest to remember, so consider which of these methods will work best for you, and give it a try.

For more advice on creating strong, memorable passwords, and keeping them safe, see our guide, How to select, manage & protect your passwords.

Related article: Forget Tough Passwords: New Guidelines Make It Simple

Edited on 9/6/2017.