Understanding how to remember passwords can help you break the endless cycle of password resets.
If you don’t use the right methods to create strong, hard-to-remember passwords, you’ll be tempted to resort to weaker, easier-to-guess passwords that put your information at risk. When you have a different password for each account, it’s not easy to keep them all straight. Luckily, there are several strategies you can use to remember your passwords.
The best way to remember your passwords
Some people use mnemonic devices or personal references to remember their passwords, such as creating rhymes, using vocabulary from pop culture, and even intentionally misspelling words. We recommend that you never resort to one of these methods to remember your passwords.
While it’s understandable that people want to use hints that their minds can latch onto, cybercriminals are clued into those tricks and can use those same context clues to break into accounts. Even if they can’t think of them on their own, they can use password-cracking tools that rely on human predictability.
It’s never safe to resort to memorization techniques for any of your passwords because every password should be unique and never reused. The average person has around 240 online accounts that require a password, and no one can keep track of that many unique logins. The best way to remember passwords is by storing them in a safe place. Here are 3 password storage options with varying degrees of security:
- Your browser or iPhone keychain
Relying on a web browser or iPhone keychain to remember your passwords can be convenient because of autofill and the ability to save passwords across different devices. However, this isn’t a secure way to remember passwords due to the risk of device theft or remote device access methods. Even if your device isn’t stolen, walking away from it for more than a few seconds could allow a cybercriminal to access your passwords.
- Password-protected spreadsheet or note on your phone or computer
A spreadsheet, note, or another loose document that contains passwords is a goldmine for cybercriminals, who can easily access every password by theft or shoulder surfing, which involves peering over someone’s shoulder to steal information. Without any encryption to conceal your passwords from a casual onlooker, loosely storing passwords on a device is a bad idea.
Beyond being unsafe, this option is inconvenient, as most users have too many passwords to keep track of in the first place. You’d need to remember to add new accounts and passwords as you create them and update passwords in the spreadsheet whenever you change them.
- Password managers
In contrast to most password storage techniques, password managers are tools that aren’t only secure but also easy to use. Password managers use encryption to securely store a user’s account information. Though every password manager is different, each platform has storage for remembering passwords and additional features that save time, such as autofill. Some have added security compared to using web browsers and other less secure methods. Password managers like Dashlane use zero-knowledge architecture so that not even the company can access your data. You are in total control of your information. Here’s what a password manager looks like:
Dashlane also automates the password storage process by signaling users to save a password in the browser when they log in to an account that hasn’t been previously stored or when it detects that a new account is being created.
4 of the worst ways to remember your password
Despite being easy or convenient, these popular methods are insecure and could put your data at risk:
- Writing passwords down on a piece of paper
In theory, writing your passwords down on a physical piece of paper instead of storing them on a computer seems like the perfect way to outsmart cybercriminals. However, this method is susceptible to good, old-fashioned theft. If you have sticky notes on your laptop, on your monitor at work, or in a notebook, leaving those items unattended for even a moment could allow a cybercriminal to steal your passwords.
- Storing passwords “loose” on your computer
Storing passwords in a notes app, Google doc, or file folder on your computer is ill-advised. In addition to being susceptible to physical theft of the device, criminals can even access your documents remotely using creative RDP hacking techniques. These storage methods are accessible by anyone because even if they’re password protected, they aren’t encrypted.
- Reusing passwords from other accounts
When cybercriminals access a stolen password, they typically try to use it across multiple accounts and can use software that significantly speeds up the process. While a Netflix account breach may not seem like a big deal, if you’re reusing the same password for more sensitive accounts, such as banking or social media, cybercriminals can access those accounts, too.
Reusing passwords also creates the hassle of having to check every account for a data breach after the first breach is reported, as well as updating each account with a new password after the original password is stolen.
- Creating a password using identifying information
Identifying information, such as where you went to school, part of a previous address, or names of relatives may be easy to remember, but they’re not safe to use as the first line of defense in protecting your information. No matter how clever you think your identifying information is, much of it is searchable or discoverable online, so your password memory trick is actually a vulnerability.
How to choose a password you can remember
A good password consists of more than just hitting the minimum number of characters and symbols required by a platform. If you find yourself forgetting these guidelines, keep in mind that shortcuts are generally a bad thing. After all, a password should be difficult to remember. Here are 4 things you can do to create a strong password:
- Generate long and complex passwords
Avoid using dictionary words–even purposely misspelling words isn’t a strong enough security measure–or identifying numerical information. Instead, opt for a long string of random capitalized letters, lowercase letters, numbers, and symbols. If you want a bulletproof password, Dashlane’s free Password Generator is a great place to start.
- Don’t reuse the password for any other account
A good password is unique and original, which means it’s not used for more than one account. As mentioned, when cybercriminals gain access to a stolen password, they try to use it across many other account types. Reusing passwords puts each account at risk of getting hacked. Using only one password per account makes the potential effects of a cyberattack far less devastating.
- Store it securely
A strong password ensures your data stays safe, but it doesn’t do much to prevent a cyberattack if you store it in a place that’s easily accessible by strangers. Password managers are more secure than internet browser password storage software, paper trails, or loose documents on a device.
- Don’t share it with others just anywhere
While it may be easy to quickly share passwords with others using a chat app, email, or text, this practice is unsafe for several reasons. Firstly, remember that the more users per account, the more access points there are for cybercriminals. Secondly, the safety of the channel through which the password is saved matters. Sharing passwords, if necessary, should take place through a secure and encrypted channel, such as a password manager.
Ever wondered what other attributes make a password strong? Read Dashlane’s 10 Tips for Increasing Password Strength.
The best password manager to use
Password managers are the best way to store all your logins in one place. Some password managers use encryption—the automated practice of scrambling a password into a different code of letters, numbers, and symbols before storing the data—to protect the user’s data from outsiders. Dashlane uses AES-256 encryption, which is also used by some government agencies, and also employs zero-knowledge architecture in its code to prevent everyone—including people within the company—from unencrypting user data.
Dashlane is a one-stop shop for several cybersecurity concerns. Most importantly, it eliminates the need to remember every single login and only requires one Master Password to access the password vault. It’s a secure way to share passwords between colleagues, family, and friends that makes syncing passwords across different devices seamless.
Password managers can help individuals and businesses remember passwords while maintaining cybersecurity. Read how one company gained total password protection and gave employees’ peace of mind with Dashlane.
- Dashlane, “Why Employees Shouldn’t Let Browsers Save Their Passwords,” 2021
- TechTimes, “Forgot Your Password Again? Here Are Tricks to Remember Strong Passwords,” 2022
- Dashlane, “How Strong Is Your Password & Should You Change It?,” Aug 2022