Many years ago I wrote a blog post on how you should manage your passwords (read it here) and have good password security. It seems it is time to update it a bit.
An article published by the WSJ goes into detail about the man who came up with the idea that randomly generated passwords should be the way to go. Gizmodo did a good job of summarizing the article, since the article on WSJ is behind a paywall.
Essentially, the gist of the news is that the person behind us being encouraged and forced to use random passwords that have characters, symbols and letters really had no expertise to give the advice. On top of the fact that he had no expertise, the whole idea actually was not great.
The suggested solution is to pick phrases that you do remember.
Simple math shows that a shorter password with wacky characters is much easier to crack than a long string of easy-to-remember words.
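The "simple math" can be worked through directly. The following is an added example, not code from the WSJ or Gizmodo articles; it assumes 94 printable keyboard characters, a 7776-word Diceware-style list, an illustrative guessing rate, and a small constructed word list, and its numbers hold only when every character or word is picked at random rather than made up by a person.

```python
import math
import secrets

PRINTABLE_ASCII = 94    # letters, digits and symbols on a US keyboard
DICEWARE_WORDS = 7776   # assumed list size: a standard Diceware list (6**5 words)
GUESSES_PER_SEC = 1e10  # assumed offline guessing rate, for illustration only

# Constructed sample list so the block runs offline; far too small for real use.
SAMPLE_WORDS = ["anchor", "biscuit", "cactus", "dolphin", "ember", "fossil",
                "garnet", "harbor", "icicle", "jigsaw", "kettle", "lantern"]

def entropy_bits(choices: int, length: int) -> float:
    """Bits of entropy when each of `length` items is drawn uniformly from `choices`."""
    return length * math.log2(choices)

def words_needed(char_len: int, alphabet: int = PRINTABLE_ASCII,
                 wordlist: int = DICEWARE_WORDS) -> int:
    """Fewest random words whose search space matches a random char_len-character password."""
    target = alphabet ** char_len      # exact integer arithmetic, no rounding
    count = 1
    while wordlist ** count < target:
        count += 1
    return count

def avg_crack_years(bits: float, rate: float = GUESSES_PER_SEC) -> float:
    """Expected years to guess the secret: on average half the space is searched."""
    return 2 ** (bits - 1) / rate / (365.25 * 24 * 3600)

def make_passphrase(words, count: int, sep: str = " ") -> str:
    """Pick words with a CSPRNG; self-chosen words do not get this entropy."""
    return sep.join(secrets.choice(words) for _ in range(count))

if __name__ == "__main__":
    short = entropy_bits(PRINTABLE_ASCII, 8)   # 8 random "wacky" characters
    long_ = entropy_bits(DICEWARE_WORDS, 6)    # 6 random dictionary words
    print(f"8 random characters: {short:.1f} bits, ~{avg_crack_years(short):.3f} years")
    print(f"6 random words:      {long_:.1f} bits, ~{avg_crack_years(long_):.0f} years")
    print("words needed to match 8 characters:", words_needed(8))
    print("sample (constructed list):", make_passphrase(SAMPLE_WORDS, 6))
```

Under these assumptions, four random words fall slightly short of eight random characters, so the advantage comes from passphrases of five or more words.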
The Gizmodo article goes on to explain some of the other regrets that have come about related to tech and the internet. It does, however, suggest that you use long phrases of easy-to-remember words. Here is a link that can help you create ‘Passphrases that you can memorize but that even the NSA can’t guess’ …although I find it hard to believe, it is still good to practice good security techniques to protect yourself and your privacy.
xkcd has a password generator available to you as well.