How to Create a Strong Password
We know it's a pain in the neck to come up with a new password for each site and application you frequent, not to mention how frustrating it can be to remember what they all are, but having a strong password can mean all the difference in securing your account. To assist you in that endeavor, this article outlines our password complexity requirements and includes a few helpful tips and tricks to get you started.
Much of the traditional advice about creating a strong password is pretty much the same: the longer the better; use a mix of letters, numbers, and symbols to make it complex; avoid using any personal information; and don't use a word found in the dictionary. Still, it all holds true to scrutiny, even now that security concerns are greater than ever.
Historically, password complexity seemed to be favored over length; but criminals figured out that shorter passwords are easier to hack, even if a few letters are substituted by similar numbers or characters. The trick is to create a long and complex password that can withstand a variety of hacking attempts.
Strong Password Do's
- Make It Memorable. Long, complex passwords are the most secure but they're often hard to remember. Try this to make it memorable: Think of an easy-to-remember phrase or piece of information, and then replace letters with similar characters or symbols. You could even take that phrase and make it an acronym before substituting symbols. For example, "I went to JFK High in 1975" can become "!WtJFKh1gh@I_75" or something similar.
- Use Different Passwords Everywhere. You wouldn't use the same key for your house, car, mailbox, etc; so why would you use the same password for your online accounts? If a hacker obtains your password, the first thing they'll do is check whether that password works for other websites. It only takes one compromised login to put all of your other accounts (that reuse the password) at risk.
- Use a Password Manager. A password manager—like LastPass, Dashlane, KeePass, 1Password, etc.—is an app that saves your login credentials for different sites, then automatically logs you in the next time you visit. Some will even generate unique, complicated passwords for you. They're available in any web browser, and many apps will even sync across your devices.
Strong Password Don'ts
- Use Dictionary Words. Hackers can employ a list of every word in the dictionary (or multiple dictionaries) to use against a password database. Luckily, strong passwords aren't usually vulnerable to this kind of attack.
- Use Common Passwords. As with dictionary words, common passwords and generic sequences like password, admin, 123456, qwerty, etc. are also discouraged because they're easily hacked. Read this Gizmodo article for the 25 most popular passwords of 2015.
- Reference Personal Information. It's easy to remember names, phone numbers, birthdays, etc., but that kind of information is easy for a hacker to find using social media and other methods. Write It Down. If someone finds your password, they could do any number of things with your account, such as logging in and changing or stealing information, and even resetting your password. This is especially a problem with banking and email passwords.
- Share It. Sharing your password with a friend or family member often seems harmless, but it could be easily mishandled and fall into the wrong hands.
- Log In From Public Computers. In a public place, it's easy for someone to look over your shoulder to view your password as you enter it. And it's even easier to accidentally save your login information for a particular website, allowing the next visitor access to your account.