There's no shortage of advice already online about the importance of creating secure passwords. But the problem comes when you need to create something that's both memorable and secure. You could use an online password manager to remember them for you. Google has one built into Chrome that, if you're logged in to the browser, will save them to your Google account; or you could try something more independent, like LastPass. However, these vaults are only secure so long as they don't become compromised themselves. There is another way and this post should help.
The National Cyber Security Centre has its own advice on creating secure passwords, which it promotes through the use of #thinkrandom on social media: use three random words in your passwords. Even this advice creates its own problems, because how do you remember which words you used for which website account? Make a list of random words that you keep safe somewhere and let the name of the website you're on remind you which ones to use. Here's how.
Not just three random words, but twenty-six!
To come up with a comprehensive list of random words, write the letters of the alphabet down one side of a piece of paper. Then, next to each letter, write down the first random word that comes into your head that starts with that letter. They don't have to be particularly memorable, as you're going to save this list for later. For A, B and C, you might have 'aardvark', 'bouncer' and 'coffee', for example. Every website password you create from then on uses this same list of random words.
Let the name take the strain
When creating your new password for Facebook, for example, take the first three letters of the website's name - in this case, F, A, and C - and return to the list of random words you came up with earlier. Now, collect the corresponding words for those first three letters and write them down one after the other. So, your new password for your Facebook account might be 'figleafaardvarkcoffee'. Pretty secure, and definitely hard to guess. But you needn't stop there.
The finishing touches
You might have noticed that an increasing number of websites ask that your password includes capital letters, numbers and at least one special character. No problem.
Just take the password you developed in the previous step and start it with a memorable number: maybe use the year of your birth. To finish it off, use the same punctuation mark every time. And, to include capital letters, just capitalise the first letter of each word. Now your secure password might look like this: 99FigleafAardvarkCoffee?
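The whole procedure above, written out as an added example (it is not code from the original post). Only 'aardvark', 'bouncer', 'coffee' and 'figleaf' come from the post; the other words are constructed placeholders, and skipping digits and punctuation in a site's name is an assumption, since the post does not say how to handle them.

```python
import string

# Constructed 26-word list: 'aardvark', 'bouncer', 'coffee' and 'figleaf'
# come from the post; every other word is a placeholder for this example.
WORDS = {
    "a": "aardvark", "b": "bouncer", "c": "coffee", "d": "dolphin",
    "e": "envelope", "f": "figleaf", "g": "gravel", "h": "harbour",
    "i": "igloo", "j": "jigsaw", "k": "kettle", "l": "lantern",
    "m": "marble", "n": "napkin", "o": "orchard", "p": "pebble",
    "q": "quilt", "r": "ribbon", "s": "saddle", "t": "thimble",
    "u": "umbrella", "v": "velvet", "w": "walnut", "x": "xylophone",
    "y": "yoghurt", "z": "zipper",
}


def check_word_list(words):
    """Return the letters whose entry is missing or starts with the wrong letter."""
    return [c for c in string.ascii_lowercase
            if not words.get(c, "").lower().startswith(c)]


def site_letters(site_name, count=3):
    """First `count` letters a-z of the site name (assumption: skip digits, spaces, dots)."""
    letters = [c for c in site_name.lower() if c in string.ascii_lowercase]
    if len(letters) < count:
        raise ValueError(f"{site_name!r} has fewer than {count} letters")
    return letters[:count]


def derive_password(site_name, words, number, mark):
    """Number + capitalised word for each of the first three letters + mark."""
    missing = check_word_list(words)
    if missing:
        raise ValueError(f"word list incomplete for: {', '.join(missing)}")
    parts = [words[c].capitalize() for c in site_letters(site_name)]
    return f"{number}{''.join(parts)}{mark}"


if __name__ == "__main__":
    # 'Facebook' is the post's example; '1-2-3 Shop' is a constructed name.
    for site in ("Facebook", "1-2-3 Shop"):
        print(site, "->", derive_password(site, WORDS, "99", "?"))
```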
How secure is that?
It can be a good idea to visit How Secure Is My Password to find out just that. The website asks you to enter one of your passwords and instantly feeds back an estimate of how long it would take a computer to work out the password you've just given it. If you entered our example password above into the site, you'd find it reckons it would take a computer 5 octillion* years to crack it. To put that into perspective, the Universe is reckoned to be 'only' 13.8 billion* years old.
So, how secure could your password be? Follow our advice, and on a scale of one to ten, about 5 octillion.
*When both these numbers are written out as digits they look like this: 5,000,000,000,000,000,000,000,000,000 and 13,800,000,000