How to Teach Your Team to Make Secure, Memorable, and Unique Passwords Every Time

Published May 12, 2020

Written by the Kiuwan Team
Experienced developers, cyber-security experts, ALM consultants, DevOps gurus and some other dangerous species.

Network security is one of the most challenging efforts in modern technology. In the constant battle between IT security teams and virulent hackers, we have created some truly incredible defensive technology. But all of it is for naught if a hacker can simply slip through a weakly crafted employee password to access your internal network with seemingly authenticated access.

Depending on the statistic you read, between 80% and 98% of all security breaches aren’t a clever conquering of firewalls and encryption. They’re cracked passwords and phished employees. This is exactly why it’s so important for companies to enforce new password creation from time to time and to help employees create passwords that are actually strong (and not reused for every other account of theirs on the internet).


Training Your Team to Craft and Remember Unhackable Passwords

So today, we’re bringing you the solution. No more “count the special characters” default tools. This is the ultimate guide to helping your employees and execs finally build passwords that are not only complete and secure but also delightfully memorable.

That’s right, you and your team can make secure passwords that are long enough and full of numbers and letters that seem completely random, and then remember them every single time without a password manager.

Here’s the email you’ll send out next time new password protocols roll around again: 

——————————

How to Create a Strong Password You Will Remember Every Time

It’s new password season again, and it’s time to give the hackers a run for their money with some truly unhackable, well-crafted passwords. We know, tough passwords are tough to craft and even more challenging to remember.

But we have a solution. Follow this guide and your new password will be both secure and memorable. Tricky passwords can make you smile and can even be impossible to forget if you build them the right way. 

Ready? It’s easier than you think.

Step 1: Write a Funny Phrase

The first step is to write yourself a phrase that is funny to you, personally. It has to be funny, that is the first rule. You must smile, laugh, or smirk every time you think of it. Humor sticks in the mind much more reliably than something serious, so get funny, folks.

Make sure your phrase has at least 10 characters and is mostly original. No classic jokes (woodchucks), and no using the example.

  • Phrase Must Have 10 Words or More
  • Phrase Must Make You Smile or Laugh to Remember
  • Phrase Must be 100% Original
  • Cannot Be Example Phrase (We’ll Know)

Example: “My Dog Likes to Sing Along When I Play Music”

Step 2: Turn Your Phrase Into an Acronym

Next, turn that joke phrase into an acronym. Simply take the first letter of each word and add it to the string in lower-case. This is the base of your password. But don’t worry, it’ll get a lot more complicated from here.

  • Take the First Letter of Each Word in Your Phrase
  • Create a String of Letters From the First Letters

Example: “mdltsawipm”

 

Step 3: Replace 2 Letters of the Acronym with Numbers

Now for the fun part. Replace any two letters in the phrase-acronym (keep thinking of it as a phrase) with numbers. Pick two that make sense to you as numbers either conceptually or visually. It’s okay to get creative, like using 7 for L or T.

  • Pick 2 Letters in the Acronym that Naturally Become Numbers
  • Change Them

Example: “mdl2saw1pm”

Translation: “my dog likes 2 sing along when 1 play music” 

Step 4: Capitalize 2 Letters of the Acronym

Now pick two letters to capitalize. Pick two that seem natural to capitalize in your mind. The easiest way is to use the natural emphasis of how the phrase sounds in your head.

  • Pick 2 Emphasized Words in the Phrase to Capitalize
  • This Makes Them Easier to Remember

Example: “mDl2saw1pM”

Translation: “my Dog likes 2 sing along when 1 play Music”

Step 5: Replace At Least 1 Letter of the Acronym With a Symbol

Now replace at least one letter that is still left with a special character. Again, use your intuition and what seems natural to you.

  • Pick One or More Letters That Naturally Translate Into Symbols
  • Change Them

Example: “mDl2$@w1pM”

Translation: “my Dog likes 2 $ing @long when 1 play Music”

Step 6: Only Keep Your Phrase as a Reminder

Congratulations, you have now created a seemingly random password that means nothing to a hacker or anyone other than you. But every time you enter that password, you’ll be telling yourself a little joke that will make it much easier to remember. Your own inflection and intuition have formed the special changes, so the only note you may need to help you remember is the original phrase, without any of the custom changes.

  • Write Down the Original Phrase Without Any Special Notation
  • Remember the Special Notation Based on How You Chose Them

Example: “Note to self: My dog likes to sing along when I play music”

Step 7: Delete This Email So Hackers Can’t Guess Your System

Lastly and most importantly of all, delete this email or we will automatically delete it from the servers. After all, we can’t have the secret getting out. Stay secure, folks, and don’t share this password or use it anywhere else on the internet, just in case some network other than ours gets hacked. But do feel free to use this technique for every other password you make in the future. Your admins will appreciate it.

We appreciate it.

 

———————

And that’s how you train every employee, from the CEO to the mail-room clerks, to make secure passwords that stick in the mind and are as unhackable as a password can be! Naturally, you can adapt the instructions for any unique requirements your office may have, like longer phrases or more unique characters as needed.
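The email's rules can also be checked mechanically. The following is an added example, not code from Kiuwan or the original article: a local self-check that derives the Step 2 acronym from a phrase and lists which of the rules a candidate password breaks. The function names and the second sample phrase are constructed for illustration.

```python
# Added example: checks a candidate password against the rules in the email.
EXAMPLE_PHRASE = "My Dog Likes to Sing Along When I Play Music"  # from the article
MIN_WORDS, MIN_DIGITS, MIN_UPPER, MIN_SYMBOLS = 10, 2, 2, 1


def acronym(phrase):
    """Step 2: first character of each word, lower-cased."""
    return "".join(word[0].lower() for word in phrase.split())


def derived_from(base, candidate):
    """True if every letter still present in candidate matches the acronym."""
    return len(base) == len(candidate) and all(
        not c.isalpha() or c.lower() == b for b, c in zip(base, candidate)
    )


def check_candidate(phrase, candidate):
    """Return the list of rules the candidate breaks (empty list = conforms)."""
    base = acronym(phrase)
    problems = []
    if len(base) < MIN_WORDS:
        problems.append("phrase has fewer than 10 words (Step 1)")
    if not derived_from(base, candidate):
        problems.append("letters do not match the phrase acronym (Step 2)")
    if sum(c.isdigit() for c in candidate) < MIN_DIGITS:
        problems.append("fewer than 2 digits (Step 3)")
    if sum(c.isupper() for c in candidate) < MIN_UPPER:
        problems.append("fewer than 2 capitals (Step 4)")
    if sum(not c.isalnum() for c in candidate) < MIN_SYMBOLS:
        problems.append("no symbol (Step 5)")
    if base == acronym(EXAMPLE_PHRASE):
        problems.append("uses the article's example phrase")
    return problems


# Constructed sample phrase and candidate, for illustration only.
SAMPLE_PHRASE = "Our Cat Files Tax Returns Before Every Single Public Holiday"
SAMPLE_CANDIDATE = "oCf7rb3$pH"

if __name__ == "__main__":
    print(check_candidate(SAMPLE_PHRASE, SAMPLE_CANDIDATE))   # conforming candidate
    print(check_candidate(EXAMPLE_PHRASE, "mDl2$@w1pM"))      # published example
```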

Cybersecurity Starts with the Code

However, using strong passwords does not help by itself if there are open backdoors and vulnerabilities in the application you are trying to secure. Kiuwan’s mission is to support software development with effective static application security testing and source code analysis. 

Is your company’s software development aware of vulnerabilities in their code? Get in touch with us for a trial of Kiuwan, today!