5 tips for a secure master password

With Password Safe you only need to remember one password: your master password. This password should be as secure as possible and protect the credentials stored in Password Safe from unauthorized access. So in this blog post, we are going to reveal five tips for a good master password that will make things really difficult for hackers and other password thieves.

Fight password fatigue with Password Safe

In Password Safe you can safely store all your passwords and other secrets. There they are protected through modern end-to-end encryption and completely without backdoors. Best of all, you can make your passwords as complex as you want, using special characters, upper and lower case letters, and numbers, because you never have to remember them. “123456” for 15 different accounts? That’s a thing of the past. Instead, you can protect your accounts with highly secure, individual passwords like “01(n$#812Vb1)B5kAWpEth($jmbJ928S5sa#0Q8N($f7=n(K!d”, which the integrated password generator will provide for you.

With Password Safe you only have to remember one password – your master password, which you use to access your other accounts thanks to the single sign-on functionality. It should therefore be as secure and complex as possible, so that hackers have a really hard time in the event of an attack. But at the same time, you need to be able to remember it and type it in every day. The right balance is key. So today, we’re going to share five clever tips for a secure master password.

The longer the better

As a general rule, the longer a password is, the more secure it is. A good hacker program can go through an average of 4 billion passwords per second. But the time it takes for a hacker to crack your password increases exponentially with each additional character. The password “FyD*8f”, which seems quite secure at first glance, is cracked in as little as five seconds. For “(UN?v*UG7p!)”, which has twice as many characters, it takes 485 years! So a few additional characters really pay off. But it should never be less than eight.

Use numbers and special characters instead of the dictionary

Well-known keyboard patterns like “123456” or “qwerty” are of course absolutely taboo. But even words that you can easily find in the dictionary are a real piece of cake for hackers. So keep your hands off “alphabet”, “benchmark” or “chameleon”. Instead, choose combinations of upper- and lower-case letters, numbers and special characters that are not so easy to understand. To make such variations easier to remember, you can replace letters with similar-looking numbers and special characters. For example, “alphabet” becomes “4/pH4b6t”.

Let private things remain private

Of course, you can always remember the name of your pet or your license plate number. So it is obvious why you would want to use this information in your password. Unfortunately, these kinds of things are very easy to find or derive on the web these days. So stay away from any passwords that are somehow traceable to you personally, because hackers have known this trick for a long time. Instead, choose password combinations that have nothing to do with you and seem completely random to others.

Mnemonic devices

Is your head already buzzing thanks to all these requirements? No wonder, because such password combinations are very hard to remember. Especially if you change your master password regularly, which we highly recommend. That’s why nothing beats some good old mnemonic devices that help you remember even the most complicated combinations.

Could you remember the password “1R2rta,1R2ft,1R2bta&itDbt!” just like that? I’m sure you couldn’t. But you’ve probably heard the following line from The Lord of the Rings: “One Ring to rule them all, One Ring to find them, One Ring to bring them all and in the darkness bind them.” Just take the first letters of a familiar phrase, convert a few words into numbers or special characters, and you’ve got a secure, yet easy-to-remember password that no hacker will be able to crack that easily!

1 = One
R = Ring
2 = to
r = rule
t = them
a, = all,
1 = One
R = Ring
2 = to
f = find
t, = them,
1 = One
R = Ring
2 = to
b = bring
t = them a = all
& = and
i = in
t = the
D = darkness
b = bind
t! = them
With these tips you can even remember: “1R2rta,1R2ft,1R2bta&itDbt!”

Login without password thanks to Password Safe

If even with these tips you still despair of finding a good master password, Password Safe offers the perfect solution: login without password! With a smartcard or FIDO2 compliant token, you can log into Password Safe completely without a password and securely access your credentials. You’ll never have to remember a password ever again, and you’ll still be protected against unauthorized access.

Want to learn more about how to securely implement password guidelines? Then download our whitepaper here: Password Guidelines – Time for a Paradigm Shift?

April 12, 2021|
Go to Top