How to make a strong master password
SECURITY

Strong Master Password For Your Password Manager

I love my password manager with only having to remember one strong master password.

Why a password manager? Because it enables me to use (generate) complex passwords… Which provide the best security for my various logins that I don’t need to remember!

But there’s only one problem (which is easily resolved). You need to remember one STRONG password as your Master Password to unlock the password manager itself! This unlocks the vault. After that, the heavy lifting is done by the password manager.

I have used a number of various password managers over the years. Right now I’m using LastPass. It has worked out well. I like its built-in password generator too.

How to Make a Strong Master Password

Thinking of a strong master password is not going to be as hard as you think. But you will need to remember it. Because if you don’t, you’re not going to get into your password manager. And for most of them, there’s no way to recover it (which is why they need to be strong, secure, and easy enough for you to remember).

Sadly, the #1 most commonly used password (in general) is “123456”, and the 4th most common is “Password.” Crazy, right? That would take a hacker just milliseconds to discover! Okay, so lets fix that…

Here’s what we want… Simplicity (in your own mind), yet Strong.

A you-friendly approach to password design.

A long password, with words that are not identifiable with you, by others.

In other words, if you have a dog named Max, a bad password would include his name. Pretty common sense. But many people choose passwords along this line of thinking because they think they’ll remember it better. However hackers know this too…

There’s a better way.

There are lots of ways to come up with a good master password. One that’s best is one that’s unique that only you would know about. A password that you will have no trouble remembering. But it will be very, very secure from hacking attempts.

I’m just going to put out some ideas to get you thinking about it.

Here’s one:

Master Password Example

Let’s say that you really enjoy music by the Eagles… Let’s also say that you particularly liked their music by Glenn Frey, who unfortunately is no longer with us. Maybe you saw them in concert, back in the day. An experience you won’t forget. And the ride you had back then (and took to the concert) was a sweet 1970 Dodge Challenger muscle car.

So maybe you put something together like this…

Glenn-Frey-1970-Challenger

Do you know how strong that password is??! Mega Strong!

This password happens to have 26 characters. It uses Uppercase, Lowercase, Digits, and Symbols.

Online Brute Force Attack Scenario (Assuming one thousand guesses per second) would apparently take 8.47 hundred trillion trillion trillion centuries.

There are some nice online tools that you can use to experiment with passwords.

Go ahead and plug that password example in on the following online interactive brute force password checker:
https://www.grc.com/haystack.htm

(or experiment with your own thoughts)

The key to a best master password for your password manager is a phrase that’s only special to you.

It’s easy to come up with one. Consider special moments, places, memories. String several words that tie it together for you. Unless and until they come up with a way to read your mind, you’ll be all set with a great master password!

And yes, I do enjoy music by the Eagles, especially the voice of Glenn Fry. And yes, I did have a sweet 1970 Dodge Challenger back in the day. But no, that’s not my master password!

[ Read: Corsair Survivor Stealth Key Chain Flash Drives | Why I Use This One ]

Similar Posts

6 Comments

  1. I use the first letter of each word of a complex sentence, followed by a number/symbol combination.

    IutfloEwoacs,fban/sc18^

    And no, that is not one of my passwords. :)

    1. That is a great idea! Say the sentence in your head and simply use the first letter of each word… Excellent.

  2. Interestingly, strong passwords are fairly moot on a well setup website nowadays. A truly well setup website will limit login attempts which, means your risk of someone guessing your password is quite low, even if they automate attempts. Another way your password can be stolen is when hackers steal a website’s password database. But on a well setup website this database doesn’t contain passwords. Instead it contains salted hashes of them, and the salt will be unique to each user. A salt is basically used to make a weak password into a secure one (eg: your_weak_password + some_strong_password_made_by_the_website = newer_better_strong_password), and hashing the passwords obfuscates them. Personally I still prefer to use a strong password though, because websites aren’t exactly up front about what they do. You never really know if a website is securely storing things, or not. I figure it’s better to play it safe, and use a strong password just in case.