Home

How to Generate Strong Passwords

Synopsis:

Good strong passwords to all your accounts are critical. Here’s a simple application that will help you generate secure passwords whenever you need them.

Let's Begin:

All your Internet accounts should be protected by unique, strong passwords. Each account should have its own password so that if one account is breached, then the rest will remain safe. A good strong password is one that is very difficult to guess or crack with brute force attacks. If you have a lot of accounts, then it can be a bit mind numbing to keep coming up with good passwords. Fortunately, there are some simple tools to make this easier.

The first tool I recommend is the free Password Assistant application. Download this tiny program and place it in your Applications folder for easy access in the future. When you launch it, it presents the Mac OS X password assistant window:

password assistant window showing strong generated passwords

Use the top menu to choose the type of password you’d like it to generate: memorable passwords, passwords with letters and numbers, numbers only, passwords composed of random characters and FIPS-181 compliant passwords. The two options I mainly use are memorable passwords and random passwords. I avoid using passwords with only letters and numbers or number only unless the particular web site I’m using doesn’t allow anything else.

The Length slider determines the length of the generated passwords: longer is better and you can see this reflected in the Quality bar underneath. Notice how short passwords show as red or yellow while longer passwords get you into the green range. I generally like to use random passwords in the 20-25 character range unless the web site restricts me to something shorter. Since Safari and most other modern web browsers can automatically fill in passwords, long passwords aren’t a burden anymore. If this is going to be a password I will need to type by hand, then I’ll use a memorable password to make it easier.

Note that the suggested password field is also a menu. If you don’t like the password it displays, click the disclosure triangle on the right side to display more suggestions:

password assistant window showing strong generated passwords

When you see a password you like, just copy and paste it into the web form (or other software that’s requesting you to create a new password).

There’s a second way to get at the password assistant window through the Key Chain application, but it’s more cumbersome to get to. You can reach it by launching the Key Chain application, then clicking on the “+” button on bottom towards the middle to create a new key chain entry, then in the window that appears you’ll see a small key icon.  Click the key icon to launch the password assistant window. This is the same window as shown above, but it’s more difficult to reach this way as you can see.

Remember: use different passwords for each web site, use long passwords and use passwords that contain a mixture of letters (both upper and lower case), numbers and special characters whenever web sites allow you to. If a particular web site restricts you to just letters and numbers or just numbers only, then make your password as long as you can and be sure to mix case. This is best bet for choosing strong passwords that will be difficult for someone to guess.

Category: Apple Mac OS X