Of course, everyone wants to protect their data from intruders, but people often neglect even the most basic security rules. For example, many accounts are protected by weak passwords, which makes it easier for cybercriminals to get their hands on them. A few months ago, we wrote about the worst passwords of 2020. There is a fine line between choosing a password that no one can guess and a password that is easy to remember. So today we are going to break this down and make sure you never have to click the “forgot password” link again.
What is a strong password?
Let’s start with a definition. A strong password is a password that cannot be guessed or hacked using brute force.
You already know that hackers use computers to try different combinations of letters, numbers, and symbols. Today’s computers have no trouble breaking short passwords consisting only of letters and numbers in a matter of seconds. That is why it is so important to use reliable combinations of upper and lower case letters, numbers, and special symbols. Passwords should be at least 12 characters long, but we recommend choosing longer passwords.
Let’s sum up the characteristics of a strong password:
– At least 12 characters. The longer your password is, the better.
– Contains upper and lower case letters, numbers, and special characters. Such passwords are harder to crack.
– Does not contain keyboard paths.
– Is not based on your personal information.
– The password is unique for each of your accounts.
You’ve probably noticed that many sites “worry” about the strength of your password. When creating accounts, tooltips often pop up to remind you to include numbers, letters, and a certain number of characters. Weak passwords are more likely to be rejected by the system. Remember that you should not reuse your password for other accounts for security reasons.
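The characteristics listed above can be checked mechanically, much as a sign-up form does. The sketch below is an added example, not code from the original article; the function names, the keyboard-row list and the 4-key run length are assumptions chosen for illustration.

```python
# Keyboard rows used to spot "keyboard paths" (assumed list; extend it for other layouts).
KEYBOARD_ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]


def has_keyboard_path(pw, run=4):
    """True if pw contains `run` adjacent keys from one row, left-to-right or reversed."""
    low = pw.lower()
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):
            for i in range(len(seq) - run + 1):
                if seq[i:i + run] in low:
                    return True
    return False


def check_password(pw, personal=(), used_elsewhere=()):
    """Return the rules from the list above that pw breaks (an empty list means it passes).

    personal:       strings such as a nickname, birth year or pet name (supplied by the caller)
    used_elsewhere: passwords the user already has on other accounts (kept locally)
    """
    problems = []
    if len(pw) < 12:
        problems.append("shorter than 12 characters")
    classes = {
        "lower case letter": any(c.islower() for c in pw),
        "upper case letter": any(c.isupper() for c in pw),
        "number": any(c.isdigit() for c in pw),
        # Anything that is neither a letter, a digit nor whitespace counts as special.
        "special character": any(not c.isalnum() and not c.isspace() for c in pw),
    }
    problems += [f"no {name}" for name, ok in classes.items() if not ok]
    if has_keyboard_path(pw):
        problems.append("contains a keyboard path")
    low = pw.lower()
    if any(p and p.lower() in low for p in personal):
        problems.append("contains personal information")
    if pw in used_elsewhere:
        problems.append("already used for another account")
    return problems
```

Passing these checks only shows that a password follows the rules in the list; it says nothing about whether the password has already leaked.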
A long password is a good password
When it comes to password security, length does matter. We recommend choosing a password that has 12 characters or more. Each additional character in the password exponentially increases the number of possible combinations. That makes protection more secure.
A strong password is not obvious
A good password should be difficult to guess or crack, so don’t choose something generic and simple like “12345”. By the way, this variant ranks first in the ranking of the worst passwords of 2020.
Forget the obvious key sequences
Don’t use sequential combinations, such as “qwerty,” as hackers will break them. The logic is, if you haven’t spent any effort to come up with a good password, it won’t take much time for hackers to hack it.
No personal information in passwords
Do not use anything personal in passwords, such as your nickname, your date of birth, or your pet’s name. This information is very easy for a hacker to find out just by looking through your social networks.
A good password must be unique
Once you’ve created a strong password, you may want to use it for all your accounts. But if you do, it makes you more vulnerable to attacks. If a hacker manages to find out your password, he can log into every account you’ve used it for, including email, social media, and work accounts.
Surveys show that many people use the same password because it’s easier to remember. Don’t worry, there are many ways to help you manage more passwords. We will talk about them later. The main thing is not to reuse your passwords, especially if they have already been compromised. You can check this at https://haveibeenpwned.com/.
Use special characters in passwords
While using special characters in passwords is a really good way to make them more secure, not all accounts allow you to use every character. However, most accept a list of the most common ones: ! " # % & * , / ^ : } | \ ~ $ ; ' : _ ? ( ) .
Here are some good examples of strong passwords using special characters:
– P7j12$#[email protected]
IDEAS FOR CREATING A STRONG PASSWORD
Fortunately, there are many ways to create unique and strong passwords for each of your accounts. Let’s go over each of them in detail:
- Use a password generator/password manager
If you don’t have time to come up with your own strong passwords, a password generator that also works as a password manager is a really easy way to get them. Here are a few recommendations from us:
Copy your password and use it for your device, email, social media account, or anything else that requires private access. Most importantly, don’t reuse the same one multiple times.
- Choose a phrase, not a word
Passphrases are much more secure than passwords because they are usually longer and harder to guess or brute force. So instead of a word, choose a phrase and take the first letters, numbers, and punctuation from that phrase to create a seemingly random combination of characters. Also, try swapping out the words and punctuation marks.
Here are a few examples of how you can use the passphrase method to create strong passwords:
– I first went to Disneyland when I was four years old, and it made me happy – I1stw2DLwIw8yrs&immJ
– My friend Matt ate six doughnuts at the bakery café, and it cost him £10 – [email protected]&ich£10
– For the first time, Manchester United lost 5-0 to Manchester City – 4da1sttymevaMU5:02MC
- Choose a more original option
Open a dictionary or a book and choose a random word, or even better, several. Combine them with numbers and symbols to make it much harder for a hacker to figure out.
– Sand, fork, smoke, okay – Sand%fork9smoke/lokay56
You can use Cyrillic characters too. But note that Cyrillic characters are sometimes processed incorrectly by the authentication software (the modules that take login passwords and compare them to saved cryptographic hashes), so it is more reliable to make your passwords using Latin characters.
- Play with phrases and quotes
If you need a password that’s hard for others to guess but easy for you to remember, a good idea is to use variations on a phrase or quote that’s meaningful to you. Just take a phrase that you will remember and replace some of the letters with numbers and symbols.
– “For the first time in forever”: Disney’s Frozen – 4da1stTymein4eva-Frozen
- Use emoticons
If you want to add symbols to your passwords without making them hard to remember, you can always use emoticons. Of course, you can’t add emoji, but try emoticons that consist of punctuation marks, letters, and/or numbers.
What do I do after I come up with a password?
- Set up passwords for specific accounts
Once you’ve come up with a strong password that you can remember, you still have to create different passwords for each of your accounts. But instead of coming up with several new ones, you can add the name of the platform you’re using to the end. For example, if your password was nHd3#pHAuFP8, just put the word EMa1l at the end for your email account – you get nHd3#pHAuFP8EMa1l.
- Commit your password to muscle memory
If you want to remember your password, practice typing it a few times. You will develop a muscle memory that makes it much easier for you to remember it.
How do I keep my passwords safe?
- Choose a good password manager
Whether you create your own secure passwords or look for an online service that will do it for you, use a strong password manager. It generates, stores, and manages all your passwords in one secure online account. All you have to do is save all your account passwords in the program, and then protect them with one “master password.” That means that you only have to remember one strong password. We recommend these programs:
- Use two-factor authentication
You’ve heard this many times before, but we’ll repeat it. Two-factor authentication (2FA) is an extra layer of security. Even if someone manages to steal your password, you can prevent access to your account. It’s usually a one-time code that can be sent to you by text message or other means. By the way, getting an SMS is not the safest way because a hacker can steal your cell phone number as a result of a SIM swap scam and gain access to your verification code.
It’s much safer to use two-factor authentication apps. For example, Google Authenticator or Microsoft Authenticator.
- Don’t save your passwords on your phone, tablet, or computer
That may seem obvious, but people often save their passwords that way. Don’t do this. Your documents, emails, notes, and messengers can get hacked.
- Keep your password secret
Even if you fully trust the person you reveal your password to, it’s risky to send your password via text message or email. Even if you say it out loud or write it down on a piece of paper, someone interested could eavesdrop and take notes behind you.