AI has tipped the scales in favor of hackers, as modern tools can now crack 51% of common passwords in under a minute. You are no longer just defending against simple brute-force or dictionary attacks, which makes robust security more critical than ever. Use these essential tips and tools to create strong passwords that actually hold up against the latest AI-based threats.
Manually Create a Strong Password That Is Easy to Remember
If you don’t want to depend on third-party services or store your passwords anywhere, create a password by hand that is easy for you to remember. One way is to build it from a long phrase that has a direct connection to you but that others don’t know about.
Just make sure you choose a phrase that you can easily remember and that the password you build from it meets the following criteria:
- At least 12 characters in the password. 16 characters is considered the sweet spot, and some recommend over 20 characters for very sensitive accounts.
- Mix upper and lower case letters, especially in the middle.
- Use numbers and special characters (if allowed) to make it harder to hack. Some password fields also allow using spaces, so take advantage of that as well.
- Ensure there is no common dictionary word anywhere (even by accident). If there is one, modify it by adding special characters or numbers within it.
- Avoid human patterns that AI password crackers are built to detect, such as capitalizing only the first letter or adding symbols and numbers at the very end.
For example, you can create multiple passwords from a phrase such as “I eat vanilla ice cream at 3 am, but I don’t get any sleep afterwards!”. Below are some examples:
- Ievic@3,bidgasa!
- IeViC@3,bUtidgAsa!
- iEvicA3@m,BiDONTgaSa!
It will be really easy to remember the phrase as it is connected to something you do or have done before; all you have to do is remember how you created the password.
To check if your password is strong, you can use the Password Strength Tester tool. It automatically checks your password to ensure it follows the latest standards, including resistance to AI password crackers. If your password isn’t strong, it helps you make the required changes to make it strong.
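The criteria listed above can also be checked locally. The following is an added example, not code from this article or from the Password Strength Tester tool; the function name `audit` and the small wordlist are assumptions made for illustration.

```python
# Constructed sample wordlist (assumption): swap in a real dictionary file for actual use.
SAMPLE_WORDS = {"password", "vanilla", "cream", "sleep", "dragon", "summer", "welcome"}

def audit(password, words=SAMPLE_WORDS, min_len=12):
    """Return the criteria from the list above that `password` fails (empty list = pass)."""
    problems = []
    if len(password) < min_len:
        problems.append(f"shorter than {min_len} characters")

    # Mixed case must show up in the middle, not only at the first or last position.
    inner = password[1:-1]
    if not (any(c.isupper() for c in inner) and any(c.islower() for c in inner)):
        problems.append("no upper/lower case mix in the middle")

    if not any(c.isdigit() for c in password):
        problems.append("no number")
    if not any(not c.isalnum() for c in password):  # spaces count as special characters
        problems.append("no special character")

    # Dictionary words anywhere in the password, regardless of letter case.
    lowered = password.lower()
    hits = sorted(w for w in words if len(w) >= 4 and w in lowered)
    if hits:
        problems.append("contains dictionary word: " + ", ".join(hits))

    # Human pattern 1: only the first letter is capitalized.
    letters = [c for c in password if c.isalpha()]
    if letters and letters[0].isupper() and not any(c.isupper() for c in letters[1:]):
        problems.append("only the first letter is capitalized")

    # Human pattern 2: every number/symbol sits after the last letter.
    non_letters = [i for i, c in enumerate(password) if not c.isalpha()]
    last_letter = max((i for i, c in enumerate(password) if c.isalpha()), default=-1)
    if non_letters and last_letter >= 0 and min(non_letters) > last_letter:
        problems.append("numbers and symbols only at the very end")
    return problems

if __name__ == "__main__":
    # The three passwords from the article plus one constructed weak password.
    for pw in ["Ievic@3,bidgasa!", "IeViC@3,bUtidgAsa!",
               "iEvicA3@m,BiDONTgaSa!", "Vanillacream2024!"]:
        print(pw, "->", audit(pw) or "meets all criteria")
```

Against this sample wordlist, the second and third passwords from the phrase example pass, while the first is flagged because its only capital letter is the first character.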
Use a Password Generator to Automatically Generate Strong Passwords
If you don’t want to go through the above process, you can also use an online password generator to automatically generate strong passwords. There are two types of these tools: random password generators and memorable password generators.
Random Password Generators
These password generators generate a password using random letters, numbers, and special characters. They are generally more secure as they don’t have a pattern that AI can detect, but they are very hard to memorize.
If you choose a random password generator, you should definitely use one of these methods to securely save passwords offline.
Memorable Password Generators
These generators take random dictionary words and convert their letters into similar-looking special characters and numbers, and use random letter case. They are easy to remember as you can memorize the words to use as hints, but slightly more vulnerable to dictionary attacks powered by AI.
Memorable Password Generator is a reliable tool for this purpose that gives you four ways to generate memorable passwords.
Use a Password Manager to Generate and Securely Save Strong Passwords
Most password managers today also have a built-in password generator to quickly generate strong passwords while signing up. If you don’t mind a third-party app managing your digital security, a password manager can both generate a strong password and remember it so you can use it securely anywhere. Below are my recommendations:
- KeePass: this is the safest option for privacy-conscious people who want to manage passwords offline. KeePass has a highly customizable password generator with rules for different needs.
- Bitwarden: this is the next-best option if you prefer online password management. It’s open-source and has a very generous free tier. The password generator can also generate easy-to-remember but AI-resistant passphrases.
- 1Password: a highly secure option that uses a unique 128-bit “Secret Key” to make your vault virtually uncrackable by AI. Its Watchtower feature acts as a personal security auditor, constantly checking your passwords against known breaches and flagging human-like patterns for replacement.
Important: Never use the same password for multiple accounts; if one of your accounts is hacked, it could lead to losing all your accounts.
It’s worth mentioning that even the strongest password can be stolen in data breaches and phishing attacks. You should further secure your accounts using 2FA or passkeys – preferably hardware security keys.