1. It is true a password should be very strong, not readable or pronouncable, having
7-15 characters, so that it is not easily get cracked. However the biggest problem
of every online user who has numerous web accounts is the difficulty of
remembering lengthy and complex passwords. The fear of loosing one's web
account due to password cracking is actually a mere secondary problem. Even a
computer savvy has hard time remembering password with either 10 or 12
characters, even if that password can be pronounced. I have many relatives who
are more computer savvier than i who use pronouncable password which has 8
characters only and take note, my fellow online user they write their passwords
on a small piece of paper. But i do not want to follow their example, even their
savviness reach beyond 100 % But i must admit that i also write all my
passwords on a small piece of paper. But i only do such a thing because most of
my passwords have 12 characters and very difficult to read. But i see to it that
noboby except me know the safe haven of my security tools. And if anyone dares
to discover where i store all my passwords, he/she already committing a heinous
crime against me and every heinous crime is punishable by the law of death. No
cybercriminals let themselves put into comdemnation.
But what is the most effective measure for ensuring password security that does
not need to sacrifice convenience? The password " Chocolate Cake" may a bit
lengthy but very convenient because it is not mixed with other characters, yet this
password may be cracked within 30 seconds only. However if " Chocolate Cake"
is written in this way "[H0(oL@T3 CAkE", then this password is almost 100%
safe and secure. If the password has 14 characters but may be a bit
pronouncable,for example "M@R1n3 BiO|oGy", but its security is still
uncompromised, then this password is highly recommendable. Remembering a
lengthy and complex password only seems very difficult, but if every online user
has excellent memory and can create a mental image of every character from
his/ her password, then that type of problem can be solved within few weeks
only. But if there is a great need for a password manager,because not all people
who have web accounts are capable of remembering passwords such as
"Me+@pHy$1(AL" and "[#eM1$tRy", then they should choose the most efficient
one.