It is a sad fact of life that your Mac is only as secure as your password is strong. A good password is complex enough to thwart both idle hands ('I wonder if Scott is as dumb as he looks. I bet his password is 12345. Let me try it and find out') and dastardly hackers out to steal your personal information ('Ah, some fool has left his Mac unattended, let me try some brute force dictionary attacks in hopes that I will gain entrance into his digital domain and clear out his bank account AND delete all his iPhoto pictures'). Sadly, passwords that make security conscious paranoid freaks like myself happy are both difficult to remember and to type (it is all part of their charm). Luckily, Apple has included a small utility that can help you find a password both complex and memorable.Read on to learn how.

The Password Assistant (pictured above) is available when OS X prompts you for a password in Accounts or when you manually create a new Password item in the Keychain. Simply click on the lock and the Password Assistant springs into action offering up some secure passwords for you like so:

You have a few options with Password Assistant:
- The type of password you are going to create. Password Assistant offers:
- Manual - This allows you to manually enter a password of your choice, which is great to see how good (or how bad) your current passwords are.
- Memorable - Creates a password composed of a mix of words and random characters that is both easy to remember and secure.
- Letters & Numbers - Creates a password with no punctuation marks in the mix.
- Numbers Only - Good if you want a password with only numbers in it.
- Random - Completely random password, which will be tough to remember but very tough to crack.
- FIPS-181 compliant - Creates a password that complies with Government standards regarding password creation (you can read about it here).
- Once you decide on what type of password you want, you need to choose the length. Recent versions of OS X support password lengths of 8 to 31 characters (read this KB article for older versions of OS X). I'm hoping that Leopard will bring support for passphrases, but until that happens we'll have to suffer with the system limitations.
Once you have decided on the options, a password is generated for you (unless, of course, you picked 'Manual,' in which case you will have entered your password by hand). Password Assistant also rates the Quality of the password with a simple meter (filling it all the way to the top with green means you have a very good password) which is quite helpful when deciding on which password to use. Be sure to note that if you aren't thrilled with the password that is offered up you can click on the arrow and find a few alternatives, and get even more suggestions should none of those tickle your fancy.There you have it, a quick and relatively painless way to create a secure and memorable password. Because let's face it, if you can't remember your super complex password it won't do you a lick of good.













Reader Comments (Page 1 of 2)
9-19-2007 @ 3:20PM
Ian Smith said...
My password is in 1337. I despise it, but I don't know of anyone who can crack a 16 character (including capitals, symbols, numbers) password like mine. Plus it's very easy to remember. It's a pain typing it on anything though, besides my very very smooth MBPro keyboard.
Reply
9-19-2007 @ 3:27PM
President Skroob said...
1 2 3 4 5? That's amazing! I've got the same combination on my luggage!
Reply
9-19-2007 @ 3:36PM
paul said...
I've been using passphrases for over a year on my mac - never a problem and far stronger than even complex passwords. Length matters more than complexity.
Reply
9-19-2007 @ 3:39PM
Leonard Nimrod said...
And Command-S at startup has no protection because?
Reply
9-19-2007 @ 3:41PM
blah said...
i have a phrase that's in italian, german and english, and includes the esszett (ß), u with umlaut (ü) and i with grave (ì). the average computer user wouldn't be able to crack my account if i gave them my password.
Reply
9-19-2007 @ 3:44PM
el-flojo said...
A friend of mine has 60(!) character password on all of his machines. One day he had the cops taking his machines away to investigate them... To put a long story short: they're trying to get in for almost 3 years now. Suckers! :-)
Reply
9-19-2007 @ 3:49PM
Dark Helmet said...
So the combination is 1-2-3-4-5? That's the stupidest combination I've ever heard in my life! The kind of thing an idiot would have on his luggage!
Reply
9-19-2007 @ 3:51PM
serenity said...
Great post! I noticed this lil' gem a few months ago when I created an additional user. Definately a good tool to secure passwords that don't look like SDfb#wqRht%&/23rA€#%d. ;)
Reply
9-19-2007 @ 3:56PM
Ian said...
always good to have a password with a rythm - when you get used to typing it - it will also sound right on the keyboard
Reply
9-19-2007 @ 4:24PM
Luigi193 said...
LOL @ DARK HEMLET!!!!!!
Gotta love a spaceballs quote!
Reply
9-19-2007 @ 4:24PM
Joe said...
Is there a way to pull up this password assistant on its own? It would come in handy for web sites (or the crappy Novell mail client I use at work).
Reply
9-19-2007 @ 4:27PM
Luigi193 said...
O and password is of the "non-existent" category...
Reply
9-19-2007 @ 4:55PM
conigs said...
@11 (Joe):
http://www.codepoetry.net/products/passwordassistant
Simple app to bring up the assistant on its own.
Reply
9-19-2007 @ 4:56PM
me said...
Joe, there is a way to pull this up on its own. Go under Applications/Utilities/Keychain Access and at the bottom of the window, click on the +. Then click on the key to the right of the passwords box and there it is.
Reply
9-19-2007 @ 10:18PM
mare said...
It takes 1 minute to reset a password in Mac OS X.
So having a superstrong password is overkill. Setting a superstrong KeyChain password (and not automatically unlocking it when you log in) might be more useful.
Reply
9-20-2007 @ 5:37AM
pauLee said...
@mare
"It takes 1 minute to reset a password in Mac OS X."
Can you explain?
Reply
9-20-2007 @ 5:49AM
MajorMauser said...
Throughout the whole article you do not mention the one utility that is the ultimate password program 1passwd? Seems to implement everything you are talking about.... and it remembers it for you,
Reply
9-20-2007 @ 12:09PM
Joan said...
A friend of mine a few years back used a violin fingering pattern to type his laptop password. After years of using it, even *he* didn't know his password, despite using it regularly!
Reply
9-20-2007 @ 8:08PM
mare said...
@ pauLee
Here's one way to reset your password, another way involves removing RAM, restarting, zapping PRAM 3 times, and rebooting again.
Reply
9-20-2007 @ 11:52PM
Michael said...
The awesome Steve Gibson has written an amazing Ultra High Security Password Generator. https://www.grc.com/passwords.htm
He can be heard on the TWIT network doing some really good weekly Security Now Netcasts.
Reply