A good, secure password has a number of key characteristics:
How can the first three characteristics be tallied with the fourth? Surely, it is too hard to remember something that encapsulates all or even some of those first three without it breaking the fourth ... and this is how we end up with people using "password" as their password. Personally, I find the "I can never remember a long password because it is too hard, so I have to keep it as my pet's / dad's / mother's / etc name" attitude a tremendous cop-out. Everyone can remember what is a seemingly complex password, so long as they use a method that will allow them to do it.
Imagine the following scenario -- you've just received a new PowerBook G4 from your workplace, and you need a password for your Mac OS X FileVault login. It is a given that this password has to be as secure as you can make it, as your new machine can easily be stolen, and it is going to have sensitive information on it such as trade secrets and your workplace's banking details. So how do you generate a difficult-to-crack, yet easy-to-remember password? Try one of the following two techniques:
timbsnPBG4-ail!"
Almost instantly, you have a pretty good password that only you are going to know... and in this particular case, it even contains some capitalisation and some non-alphanumerics. Obviously, this requires you to be able to remember the story. Since not everyone can do that, there are variations on a theme for this technique, such as using the lyrics of your favourite song(s), poems, quotes, etc. as the basis for the password(s). Perhaps what you remember best is a smell or taste, the ingredients to your favourite meal, whatever. There is something that you as an individual can remember and remember easily. Even if it is your pet's / dad's / mother's / etc. name, you can still generate a complex yet memorable password from them, so long as you use all their names at once and introduce some randomness into the process -- such as only using the last two letters from each in a combination that ends up looking like gobbledygook.
If the first technique is a non-starter for you, try using your ability to remember a spatial layout. In this instance, it is your keyboard that you will choose as your canvas (and in my case, this is a British QWERTY keyboard). This method has the advantage of generating passwords that you don't even have to remember ... all you need to be able to do is remember how you typed them.
Pick a couple of letters to form the base of your password, and then type a pattern about them. E.g. using the d and k keys as the base, I can type the following:
erfcxsiol,mj
... simply by starting at the key to the top left of each of the base keys in the hexagon of letters that surrounds them (e in the case of the d key, and i in the case of the k key). Hey presto, an instant "random" password that takes very little to remember. Self-evidently, this technique has a huge potential for variation. I could have typed in an anti-clockwise direction around one of the base keys and clockwise around the other, or started at a different letter in the hexagon, added a third / fourth / fifth base key, held shift down for one of the hexagons, etc., etc.
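The hexagon walk described above, written out as an added example (not code from the original hint). The row model, the function names `hexagon` and `pattern`, and their options are assumptions made for illustration; it reproduces the d/k walk and the direction, starting-key and shift variations.

```python
# Added example: digit and letter rows of a QWERTY keyboard, indexed so that
# key ROWS[r][c] sits below-and-between ROWS[r-1][c] and ROWS[r-1][c+1].
# (Assumption: the usual row stagger; extra keys at the row ends are ignored.)
ROWS = ["1234567890", "qwertyuiop", "asdfghjkl;", "zxcvbnm,./"]

# Shifted forms that are the same on US and British layouts. Shifted digits
# differ between layouts, so they are rejected instead of guessed.
SHIFTED = {",": "<", ".": ">", "/": "?", ";": ":"}


def hexagon(base, clockwise=True, start=0, shift=False):
    """Return the six keys surrounding `base`, beginning `start` steps
    clockwise from the top-left neighbour."""
    if len(base) != 1:
        raise ValueError("base must be a single key")
    for r, row in enumerate(ROWS):
        c = row.find(base)
        if c != -1:
            break
    else:
        raise ValueError(f"{base!r} is not on the modelled rows")
    # Clockwise from top-left: (row offset, column offset).
    offsets = [(-1, 0), (-1, 1), (0, 1), (1, 0), (1, -1), (0, -1)]
    ring = []
    for dr, dc in offsets:
        rr, cc = r + dr, c + dc
        if not (0 <= rr < len(ROWS) and 0 <= cc < len(ROWS[rr])):
            raise ValueError(f"{base!r} has no full hexagon of neighbours")
        ring.append(ROWS[rr][cc])
    ring = ring[start % 6:] + ring[:start % 6]
    if not clockwise:
        # Keep the starting key, then walk the other way round.
        ring = ring[:1] + ring[:0:-1]
    if shift:
        if any(k.isdigit() for k in ring):
            raise ValueError("shifted digits depend on the keyboard layout")
        ring = [SHIFTED.get(k, k.upper()) for k in ring]
    return "".join(ring)


def pattern(*bases, **options):
    """Concatenate the hexagon walk around each base key."""
    return "".join(hexagon(b, **options) for b in bases)


if __name__ == "__main__":
    print(pattern("d", "k"))  # the walk typed in the text
    print(hexagon("d", clockwise=False) + hexagon("k", shift=True))
```

Base keys on the edge of the modelled rows (such as a or p) raise `ValueError` because they have no complete hexagon to walk.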
157qtuagjzbm
And so on, and so on -- practically, there is no limit to the combinations of keypresses you can make based on a spatial awareness of your keyboard. You can use these combos to generate secure passwords that are easy to remember.
!%&157qtuagjzbm!%&
¡5¶œt¨åg??bµ
This will hugely increase the difficulty of cracking your password. This tip alone will even improve your pathetic six-letter word, turning it from an easily cracked password into something that is moderately OK. However, be aware that this will limit you to using this password on Macs only. Also, it will only work on Macs that have the exact same keyboard as your own. Be careful with this technique, if you do use it.
Mac OS X Hints
http://hints.macworld.com/article.php?story=20040920120520528