Passwords are notoriously insecure because we've trained ourselves to create passwords that are hard to remember and easy for computers to guess. But there's one simple, if unintuitive, trick to make your passwords more secure and easier to remember: Use a passphrase.
A string of just a couple random words is actually more secure than any made up password by far. The purest version of this method – called Diceware – involves actually rolling dice to choose words from a list of 7,776. Even if a would-be hacker had the exact list you picked from, a two-word passphrase would take an average of 30 million tries to guess. A five-word passphrase could be guessed after an average of 14 quintillion tries and would take the most advanced hacking computers we have about 6 months to crack. Add one more word and that jumps to 3,505 years.
But you don't need to get your dice out to do this, you can use this secure website to generate a passphrase for you to use. The thing is that the words have to be truly random; humans are really bad at random because our brains try really hard to find and create patterns, even when we're not noticing. Trying to make up a string of words isn't as secure as a string of truly random words.
Bonus tip: Most password managers will do the work of generating, remembering, and autofilling passphrases for you. If you don't use one yet, a password manager is the #1 best next step you can take to being more secure online. I highly reccomend 1Password or Dashlane.
