1. First tips
  2. Password vs. passphrase
  3. A few techniques
    1. A full sentence that you like
    2. A random series of common words
    3. Leet speak
  4. Graphical demonstration

First tips

Do not reuse important passwords: the login of your computer, your email account, your shell account, etc. Keep in mind that any one of those services could fall victim to a security problem. If one of those passwords falls into the wrong hands, it would be dangerous if it could open multiple doors.

Do not store or share your passwords in risky ways: written on paper or post-its, stored on your computer if it is not encrypted, in emails, etc.

If you forget your password, send us a new password in its cryptographic form, which you can generate using this tool.

See also: how to change the password of your email account.

Password vs. passphrase

A good password does not need to be very complicated to memorize, but it should be very, very, very hard to guess. So instead of a rather short “password”, it can be a “passphrase”, which can be much longer.

A few techniques

A full sentence that you like

A sentence of a dozen words that you like, that is not really famous but is still easy to memorize, makes a pretty good passphrase and should still be easy to type.

For example:

This earth was made a common treasury for everyone to share.

Note: It should be possible to include accents, but this could sometimes create problems.

A random series of common words

The Diceware method uses dice to select words at random from a special list of common words. It allows you to create very strong passphrases that are still easy to memorize.

To use it, throw 5 dice and look up the corresponding word in the Diceware word list in English. Memorize this word. Repeat throwing the dice to select as many words as you want.

For example, you could get:

correct horse battery staple

A passphrase of 4 or 5 words should be enough to protect an email account, but the longer the passphrase the stronger it is. See some notes about the length of the passphrases.

You can also use word lists in other languages.

Leet speak

It is also possible to further complicate a passphrase by substituting numbers for letters or adding symbols. We could further strengthen the passphrase given in the first example by typing:

This 34RTH was made a common #treasury# 4 everyone 2 SH4R3.

But this technique, called leet speak, makes passphrases harder to memorize and does not compensate for the weakness of a short passphrase with respect to a long one.

For example, the passphrase of the second example (correct horse battery staple) is mathematically 2^16 (or 65536) times stronger than the password in leet speak Tr0ub4dor&3.
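
As an added example (not part of the original page), the Python sketch below follows the Diceware steps described above, looking up one word per throw of 5 dice, and then shows where the 65536 figure comes from. The word list excerpt and its dice keys are constructed for the demo, the function names are ours, and the 44-bit and 28-bit inputs are the estimates from XKCD #936 (four words from a 2048-word list versus Tr0ub4dor&3).

```python
import math
import secrets

# Constructed excerpt in the Diceware list format: "<5 dice digits><TAB><word>".
# Keys and words are made up for the demo; a real list has 6**5 = 7776 entries.
SAMPLE_LIST = """\
11111\tcorrect
23456\thorse
35142\tbattery
66666\tstaple
"""

def parse_wordlist(text):
    """Map each 5-digit dice key to its word, rejecting malformed keys."""
    table = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        key, word = line.split(None, 1)
        if len(key) != 5 or any(c not in "123456" for c in key):
            raise ValueError(f"bad dice key: {key!r}")
        table[key] = word.strip()
    return table

def roll_key(n_dice=5):
    """Software stand-in for throwing physical dice, using the OS CSPRNG."""
    return "".join(str(secrets.randbelow(6) + 1) for _ in range(n_dice))

def passphrase(keys, table):
    """Look up one word per 5-dice throw and join them with spaces."""
    return " ".join(table[k] for k in keys)

def entropy_bits(n_words, list_size=6**5):
    """Entropy of n words drawn uniformly and independently from the list."""
    return n_words * math.log2(list_size)

def strength_ratio(bits_a, bits_b):
    """How many times more guesses bits_a takes to exhaust than bits_b."""
    return 2 ** (bits_a - bits_b)

if __name__ == "__main__":
    table = parse_wordlist(SAMPLE_LIST)
    print(passphrase(["11111", "23456", "35142", "66666"], table))
    print("fresh throw of 5 dice:", roll_key())
    for n in (4, 5, 6):
        print(n, "Diceware words:", round(entropy_bits(n), 1), "bits")
    # XKCD #936 estimates: 4 words from 2048 = 44 bits; Tr0ub4dor&3 = about 28 bits.
    print("ratio:", strength_ratio(entropy_bits(4, 2048), 28))
```

The entropy figures only hold when the words are chosen by the dice (or a cryptographic random source), not picked by the person.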

Graphical demonstration

XKCD #936: Password Strength