What your password and morning coffee order should have in common

July 1, 2019 by Kelly Griffiths

Kelly Griffiths is an associate UX designer at Advicent, the financial planning technology provider of choice for nearly 100,000 financial professionals.

When was the last time you stopped in to grab your morning coffee and were able to complete your order by simply asking for “a coffee”? Even if you aren’t the type to drink a “Triple-pump-half-caff-extra-foam-almond-milk-frappe-latte”, you will at least need to ask the barista for something like a “medium black coffee”.

Even when you are feeling very groggy, that coffee order is likely something you can rattle off with relative ease. Can you do the same with each of your passwords? This is likely a bit more challenging – if not nearly impossible.

Fortunately, strong passwords don’t have to be hard to remember. In fact, the best passwords have a lot in common with your daily coffee order. They are:

  • Personal – Your coffee order is customized just the way you like it. Great passwords are something unique to you that others wouldn’t be able to guess.
  • Long – Just like how your coffee order is more than just “coffee”, your password shouldn’t just be a single word. Really, it should be more of a passphrase – a combination of at least three normally unrelated words.

These two characteristics help create a password that is both memorable and secure.

How to build a better password

While choosing a secure password that meets the many different security requirements may seem daunting, using the “coffee order” technique makes the process much simpler.

Here are a few tips for writing more memorable and secure passwords:

DO: Start by picking a category or topic.

Not a coffee lover? That’s alright, you can easily build your password using a category or topic that has personal meaning to you. Choose something specific such as your favorite outfit, usual fast food order, or a name for your imaginary yacht.

DON’T: Create a password that contains publicly available information.

Just like any password or security question, avoid using information that could easily be found on your social media pages or company profile. This includes things such as a family member’s name, your job title, or the name of your actual yacht.

DO: Select at least three words or “pieces” that fit together within that category or topic.

This is where you can make a password easy to remember, but hard for computers and other individuals to hack. For example, if you choose the category of “favorite outfit” your password could be something like Blackslackspurplesweater. If using compound words like “cheeseburger”, that would only count as one of your three pieces, not two.

DON’T: Get too fancy with using special characters.

Though many services and websites now require them, only add special characters, numbers, and capital letters if you have to. The more you stray from using plainly written words, the more challenging it can be to remember. You will find yourself wondering, did I capitalize the first letter of each word or just the first word? Did I substitute all of the a’s with @’s or just one?

However, if you find you can’t avoid using these characters…

DO: Use numbers, capital letters, and special characters at the beginning or end of the password, or wherever they make contextual sense.

If you must use special characters or numbers, make sure that you can easily remember where you used them. The best places are typically at the beginning, end, or somewhere in the context of your password that actually makes sense.

For example, you could use something like “Blackslackssize32” to add capital letters and numbers in a way that is easy to remember.

Understand that while numbers, capital letters, and special characters can make a password stronger, using these in a way you can remember is important.

DON’T: Use overly common phrases.

It’s a simple, but crucial rule for passwords – don’t use anything that can be easily guessed or is highly popular among many people. Common words such as “password” itself should always be avoided and this is especially important if you use popular brands or celebrities in your password. Taco Bell’s “Cheesygorditacrunch” appears on a list of compromised passwords and is so popular that some password cracking tools would guess it in just minutes. However, if you really love those gorditas, you could set a password of “Cheesygorditacrunch2tacosnocheese” and be significantly more secure.
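For readers who build signup or password-change forms, here is one way the two rules above could be checked automatically: at least three pieces, with a compound word like “cheeseburger” counted once, and no phrase that appears on a compromised list. This is an added example, not code from Advicent or NaviPlan; the word list, the denylist, and the function names are small constructed samples.

```python
# Constructed sample vocabulary; a real checker would load a full dictionary.
WORDS = {
    "black", "slacks", "purple", "sweater", "size", "large", "fries",
    "cheese", "burger", "cheeseburger", "cheesy", "gordita", "crunch",
    "tacos", "no",
}
# Constructed stand-in for a list of known-compromised passwords.
COMPROMISED = {"password", "cheesygorditacrunch"}


def count_pieces(text):
    """Return the fewest words/number runs that spell out text, or None.

    Taking the minimum is what makes "cheeseburger" count as one piece
    rather than "cheese" + "burger".
    """
    s = text.lower()
    best = [None] * (len(s) + 1)  # best[i] = fewest pieces covering s[:i]
    best[0] = 0
    for end in range(1, len(s) + 1):
        for start in range(end):
            if best[start] is None:
                continue
            chunk = s[start:end]
            if chunk in WORDS or chunk.isdigit():
                candidate = best[start] + 1
                if best[end] is None or candidate < best[end]:
                    best[end] = candidate
    return best[len(s)]


def check_passphrase(candidate, min_pieces=3):
    """Apply the article's two rules; returns (accepted, reason)."""
    if candidate.lower() in COMPROMISED:
        return (False, "appears on the compromised list")
    pieces = count_pieces(candidate)
    if pieces is None:
        # Assumption of this sketch: text we cannot split is reported as
        # unverified, because the piece count is unknown.
        return (False, "could not be split into known words")
    if pieces < min_pieces:
        return (False, f"only {pieces} piece(s), need {min_pieces}")
    return (True, "ok")


if __name__ == "__main__":
    for sample in ("Blackslackspurplesweater", "cheeseburgerfries",
                   "Cheesygorditacrunch", "Cheesygorditacrunch2tacosnocheese"):
        print(sample, check_passphrase(sample))
```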

DO: Use unique passwords for different websites.

You could create an excellent, super secure password that no bot or human could ever hack or guess, but that is only as secure as all of the systems where you use it. While tools such as NaviPlan adhere to strict data security precautions and take privacy very seriously, other sites may not have this same level of protection in place.

When you use the same password for multiple sites, all it takes is for a hacker to break in at the weakest link in the chain. At that point, they then have discovered your “one password to rule them all” and can access any of your other accounts that use the same one.

Instead, if that hacked password were completely different from all of your others, the rest of your accounts would still be secure.

Don’t be afraid to sample a new blend – give it a try

These tips might be a very different approach to password security than you are used to. A long password unique to each of your online accounts may seem impossible to remember. Yet just like a new roast at the coffee shop or a new menu item at your favorite restaurant, it doesn’t hurt to give it a try.

Using passwords that are unique to you and longer than one or two words, just like your coffee order, will make them easier to remember and significantly more secure.
