On our site, we individually encrypt each member's information with a unique key via AES and store the encrypted data in a database.
To login, each member uses a username/password. At that point they still can't enter or access any information because its all encrypted.
To enter or decrypt their data, they must enter a key that we have generated for them using SHA-1.
We do this because even if a hacker is able to take over our database server, they will discover that each member's information is encrypted using with AES and highly entropic keys (SHA-1).
The keys we are generating for users are very long and hard to remember. They look something like: BB2A2D40637439A9C87A5EBF13D070F5D5D20C23
I want to know if there is a way of generating shorter keys that are just as difficult to crack?
Ie. Can BB2A2D40637439A9C87A5EBF13D070F5D5D20C23 be converted into something like bB@a%h$bae45sHR that is equivalently complex?
I simply want to get the keys we send our users shorter so that they are not such a pain to enter!