15. Cybersecurity: How to remember our passwords

If each of our passwords is a unique, long string of random characters, it is unlikely that we will be able to memorize them all.

A paper password notebook is not a good idea. Notebooks fall out of pockets, get left on trains, or are left beside the computer while you go for a break. Burglars also look for passwords when they break into a house or office. They are easy to find if they look like this:


A reputable password manager that can manage all your passwords is more secure. When you evaluate using a password manager, consider the balance of risk.
A password manager only requires you to memorise a single secure password. All the other passwords it looks after can be long, unique strings of random characters: dyet%$eb5YT%^ahyrp)(nd

There is a risk that password managers will be targeted, but they are much more secure than a paper notebook.

Make sure you use a password manager with an excellent reputation, such as KeePass: https://keepass.info/index.html

KeePass is free and open source.

A reputable site that recommends KeePass is av-test.org: https://www.av-test.org/en/news/secure-passwords-its-a-snap/

I use a slightly more complex method.

I use a system that I think is more secure than a password manager. Each account has a long and random password, e.g.: uryhcg635FR$"()hfgts*
But it also has a fake date of birth - unless it is a site that needs the correct date of birth.
It has made-up security information as well. Mother's name, first school, favourite pet would be different every time, none of them real.
Different types of account use a different email address - e.g. banking accounts use a free, highly secure ProtonMail account. So I record the email address used for each account.

To keep track of all this information I use a spreadsheet. To keep this spreadsheet secure, the spreadsheet is inside an encrypted folder - I use VeraCrypt for this: https://www.veracrypt.fr/en/Home.html
I only need to remember a single very strong password.

To ensure I can recover this encrypted folder if my computer was stolen or the hard drive failed, I can back up the encrypted folder to a free cloud service - I use one that automatically syncs and a second one that has to be manually synced to protect against ransomware.

The encrypted folder has a name that helps to hide it such as mypetdog.jpg
It is also possible to hide the encrypted folder inside a working video file!

We need to memorise a single very strong password for a password manager or for an encrypted folder.

Many people find it easier to memorize a series of 5 words. Pick words that would appear to be at random to anyone else, then imagine a story that links them together.

The master password might be: orange mushroom singing langria sandstone

But remember that if you forget your master password, you cannot open your password manager or your encrypted folder. There is no reset button or backdoor.
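
An added example, not part of the original post: a Python sketch that draws the five-word master password and the long per-account passwords from the operating system's random generator, and reports how many bits of entropy each one carries. The 16-word list and all function names are assumptions made for the example; the list is constructed for the demo and is far too small for real use.

```python
import math
import secrets
import string

# Constructed 16-word list so the example runs offline. It is far too small for
# real use: load a large published list instead (the EFF long list has 7776 words).
SAMPLE_WORDS = [
    "orange", "mushroom", "singing", "sandstone", "harbour", "velvet",
    "lantern", "glacier", "pepper", "violin", "meadow", "anchor",
    "thimble", "cobalt", "walnut", "ribbon",
]

# 94 printable ASCII symbols: letters, digits and punctuation.
ALPHABET = string.ascii_letters + string.digits + string.punctuation


def passphrase_bits(list_size, n_words):
    """Entropy in bits of n_words drawn uniformly from list_size words."""
    return n_words * math.log2(list_size)


def password_bits(alphabet_size, length):
    """Entropy in bits of a uniformly random string of the given length."""
    return length * math.log2(alphabet_size)


def make_passphrase(words, n_words=5):
    """Return (passphrase, bits). Words are drawn with the OS CSPRNG."""
    unique = sorted({w.strip().lower() for w in words if w.strip()})
    if len(unique) < 2:
        raise ValueError("word list needs at least two distinct words")
    phrase = " ".join(secrets.choice(unique) for _ in range(n_words))
    return phrase, passphrase_bits(len(unique), n_words)


def make_password(length=22):
    """Return a random password for the manager or spreadsheet to store."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


if __name__ == "__main__":
    phrase, bits = make_passphrase(SAMPLE_WORDS)
    print(f"{phrase!r}: {bits:.0f} bits from this 16-word sample list")
    print(f"5 words from a 7776-word list: {passphrase_bits(7776, 5):.1f} bits")
    print(f"{make_password()!r}: {password_bits(len(ALPHABET), 22):.1f} bits")
```

The entropy figures hold only when every word or character is chosen uniformly at random, which is why the example uses the secrets module rather than the random module.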