The Problem With Passwords
We all know passwords are a necessary evil of the digital age. As our online presence grows, so does the tedious task of creating and remembering unique passwords for each account. It’s no wonder that password fatigue leads many to take risky shortcuts like reusing the same password everywhere or relying on simple, easy-to-guess passwords like “123456”. But these unsafe practices put our data and privacy at serious risk.
According to Verizon’s 2020 Data Breach Report, compromised credentials are the leading cause of security incidents and breaches. Cybercriminals today have more tools than ever to launch brute force attacks to guess weak passwords. Even what we consider complex passwords can eventually be cracked with enough computing power.
This is why experts universally recommend using randomly generated, unique passwords of sufficient length and complexity for every account. But for most people, remembering dozens of completely random, abstract strings of characters just isn’t feasible. Our brains didn’t evolve to handle and recall huge amounts of meaningless information. There has to be an easier way to create strong, secure passwords normal people can reasonably remember, right?
Introducing Three Random Words
Security experts like Bruce Schneier have advocated for years that people use passphrases instead of typical passwords. Research has shown that passphrases built from multiple words are both inherently more secure against modern brute force attacks and are far easier for humans to memorize.
One specific formulation that strikes the perfect balance of security and memorability is three random words joined together. For example:
- bluecampfiretruck
- librarylampshadeice
- yellowsubmarinetree
These types of three word passphrases provide excellent protection against hacking attempts. Their length and randomness create a level of complexity that stymies most password cracking tools, which are designed to guess shorter strings of letters and numbers.
And because they tap into our brains’ powerful ability to memorize associative information, three random words are significantly easier to recall than a random string of the same length. The three words form a logical “mini-story” in your mind that just sticks better than abstract characters.
How To Generate Three Random Words
But how do you go about getting three random words to use for secure passwords? Trying to pull them out of your head won’t cut it, as the words need to be unpredictable. Here are a few good options:
- Diceware – This time-tested method uses dice rolls to randomly select words from a predefined list. Just need an ordinary die and the Diceware word list.
- Online random word generators – Many trusted websites offer quick tools to generate multiple random words that can be combined into passphrases.
- Password manager built-in generators – Most password managers like LastPass, Dashlane, and 1Password have tools to randomly output multiple words for strong passwords.
Once you generate your random words, you just have to combine them into a single string. Removing spaces and adding capital letters, numbers, or symbols can also help meet complexity requirements for different sites.
Why Three Random Words Improve Your Security
Here are some of the biggest reasons you should switch from traditional passwords to three random words:
- Extremely secure – Three random words provide greater resistance against modern brute force attacks and cracking methods.
- Easy to remember – Random words tap into the brain’s powerful ability to remember associative information.
- Unique across sites – Using random words allows each password to be completely different, limiting damage from one account’s compromise.
- Faster to type – Three words generally allow faster entry than complex random characters on a keyboard.
- Future-proof – A new three word passphrase is unlikely to ever be brute forced or guessed in our lifetimes.
For most people, the massive security advantages of moving to three random word passphrases far outweigh the small downsides. It does require some one-time effort to implement across your existing accounts. But this simple change can greatly reduce the risk of being victimized by the next big password breach.
Tips For Making The Switch
If you’re ready to step up your password game, here are some tips to mae the transition to three random word passphrases as smooth as possible
- Phase it in slowly – Start by changing your most important accounts first, then expand from there.
- Use a password manager – Letting a program store and fill in word passwords makes the transition much easier.
- Write it down initially – When first creating a new word password, be sure to write it down until it’s memorized, then destroy the written copy.
- Add symbols/numbers – Many sites require special characters or numbers. These can be incorporated onto the end of word passphrases.
- Use calendar reminders – Set reminders to periodically rehearse new passphrases if you have trouble memorizing them initially.
Take Control Of Your Passwords
Reusing simple passwords across accounts is like leaving your doors unlocked in a crime-ridden neighborhood. It’s only a matter of time until someone with bad intentions gets in.
Three random word passphrases let you take back control with passwords that are both incredibly secure and easy for normal people to use properly. Ditch the password headaches and frustrate the hackers. Your online accounts will thank you.