How to create a strong password using the ‘three random words’ method

Tech

(AP Photo/Jenny Kane)

(WHTM) — So you have to change your password. Maybe your workplace wants you to do so at regular intervals; maybe your four-year-old told all the kids in preschool your Twitter login; or maybe you finally decided Great-Grandma was right when she said “12345” was a really bad choice for your online banking account.

You might laugh, but “12345” is still one of the most popular passwords on the internet, along with “password,” “strongpassword,” “Password123,” and “yourname.” (Using your social security number as a password is wrong on more levels than you can possibly imagine.)

But coming up with a new password can be tough after your first few thousand. It’s easy to fall into “The Big Traps” — using the same password for multiple websites, using passwords that are minor variations of some ancient (and possibly long lost) original, or using context-specific words like your place of birth, company, or job title.

Get daily news, weather, and breaking news alerts straight to your inbox! Sign up for abc27 newsletters here!

The problem is that “safe password” is a moving target. It used to be OK to have a six-character password; now the minimum is at least nine characters long with upper and lower case letters, at least one number, and a special character.

Surely, you say, there must be a simple, straightforward way to create a password that’s secure and easy to remember! Well, here’s an idea: the UK’s National Cyber Security Centre is promoting the “three random words” model for passwords, with the hashtag #thinkrandom.

It’s based on a surprising discovery: research shows that the algorithms hackers use to break passwords have more trouble decoding three words, chosen randomly and strung together equally randomly, than “complex” passwords. Is it perfect? No. Is it unbreakable? No. Is it better than 90% of the passwords out there? Yes! In fact, the trend in cybersecurity is to focus more on making passwords long rather than making them complicated, sometimes up to 64 characters for sensitive data.

But how to pick those three random words? And how do you make sure they’re truly random? Well, here’s another idea — the what3words tool.

Founded in 2013, what3words divides the world into a grid of 57 trillion 3-by-3-meter squares. Each square is assigned a three-word address. The addresses are available in forty-seven languages: in English, the app uses 40,000 words.

So, if you want three random words for a new password, just fire up the what3words app on either a computer or cell phone and mouse your way around the map. (The default is Google Maps. You can also use MapBox, OSM, Tomtom, and Esri.) Click on a box (randomly, of course), and read the three-word address.

Don’t like it? Just keep clicking around until something strikes your fancy. There you go — a randomized three-word password. (Of course, sites will still require caps, lowercase, numbers, and special characters in your password, but incorporating them will make it that much harder to hack, which is what you want.)

In case you were wondering, what3words wasn’t originally created to help you make a complicated password. The app was the brainchild of an event organizer frustrated by the task of getting bands and equipment to places with less than adequate addresses. He and his co-founders thought big and went worldwide.

Having a unique address for every nine-meter square of the planet is not only useful for making deliveries, but police, fire, search-and-rescue, and emergency services teams are finding it invaluable for finding people and places during emergencies.

So what3words is not really meant for generating secure passwords, but it does a pretty job of it, and it’s sure a fun way of tackling an onerous task.

Copyright 2021 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

Don't Miss