In fact, the topic is quite exciting and battles about it break out one after another. In fact, a person who is actively working and resting "online" should remember a bunch of passwords to resources, well, or trust a program that will remember passwords for him. This option is acceptable, but we all also know examples of how even the most "secure" services were hacked. Therefore, I would still recommend NOT storing passwords to mission-critical resources along with everyone else.
But in addition to passwords to resources, there is such an old and almost forgotten thing as passwords to files. And in this case, the advice that caught my eye about "remembering" passwords to each of the files really appealed to me.
The author suggests encoding the password directly in the file name. For example, the symbol "#" can mean the apartment number, "@" — the name of the dog, etc. As a result, your password may be "Barbos_23", and the file name is "secret archive @_#.zip". Do you get the gist? It is not necessary to remember the password, but the values of the keys, which it is better to have more, otherwise the system will give keys to all other files when cracking the first password.
If we talk about the "strength" of the password, then it is probably reasonable to talk about using special generators as a guaranteed good solution. However, this method also guarantees that remembering the password will not just be difficult, but very difficult. If you want to remember it, use something of your own, but as in the case of file passwords, you should make the system multicomponent so that the selection of one password does not give a key to others.
For example, you can use the resource name in Russian transcription as a basis, adding the registration date in reverse order. Or type a simple and memorable word for you, but with an offset on the keyboard — that is, instead of "o" — "l", etc. In addition, you can use a childish"hacker" technique and replace "1" with "!", "l" with "1", etc.
However, such a simple replacement allows you to get the key to all your passwords, because you absolutely need the part that a) It is NOT encoded by this key, b) it is easily remembered at the sight of a resource, c) it is not a word of a widely-spread language.
I will immediately note that you are hoping in vain that the Russian word in the English layout is a good way to confuse a cracker. In programs sharpened to open a password using brute-force, the entire Russian dictionary is usually checked in both layouts. Like that.
Share, and how else can I remember and come up with passwords? Those who trust the programs and do not remember can NOT comment, this is the topic of other articles.
