FAQ

  • What is a password strategy?

    A password strategy is a mental algorithm that you can use to generate your passwords on the fly, i.e., you don't need to memorize passwords anymore! Whenever you need to type a password you can simply run an algorithm in your head with no need for paper or pencil. Click on Three Word Strategy to see an example of such a strategy.

  • Why should I use a password strategy?

    If all your accounts have the same password, the adversary that knows the password to your facebook account can also login to your bank account. Using password strategies, you generate a unique password for each website. It does greatly increase your security. And you do not have to memorize or write down any of your passwords.

  • Do I need to memorize passwords for different websites?

    No! Everytime that you want to login to a website, you will generate/regenerate your password using your password strategy, i.e., mental algorithm.

  • What if I don't use a website for a few months? Will I still remember the password?

    You don't have to remember your password, you can easily regenerate it in your head.

  • If I want to adopt a password strategy, I would have to change all of my current passwords, this is a lot of effort! Why should I do this?
    The initial effort to adopt our password strategies might seem high. However, you don't need to change all your passwords in one shot, you can change the password for a website the next time you want to login to the website. Once you adopt it for your accounts, it will make your life much easier for the following reasons:
    • You don't need to remember any of your passwords.
    • Your passwords will resemble a random combination of letters/numbers and therefore will be very hard to crack.
    • You don't even need to know if you have an account with a website! Generate your password with your algorithm, if it works, you have an account, otherwise create an account with the same password that you just generated.
    • If you want to make a new account, you don't need to design a new password. Just give the name of the website/app as input to your algorithm and generate a password.
    • No "forgot my password" anymore!
  • These strategies are public, why are my passwords secure?

    Although the strategies are public, your mental algorithm uses a private key that only you know. It is a mathematically proven fact that if you chose your key randomly (not based on your personal information), your passwords will be hard to crack.

  • How difficult is it for an adversary to hack into my accounts?

    It depends on the strategy that you use. For example, if you use the Three Word Strategy , the adversary would need to steal approximately five of your passwords to be able to guess your password for a new website.

  • Can I make my own password strategy?

    Yes! You can customize any of the password strategies that we propose to fit your own preferences. Furthermore, you can make your own password strategy from scratch.

  • How should I use these strategies if the website name contains numbers or special characters?

    You can set your own rules for handling these cases. For example, you can either skip the non-letter characters or assign all of them to a fixed letter or number (similar to wild card).