It’s World Password Day, so we wanted to remind you of some best practices for keeping your passwords strong and secure.
What is a strong password?
A strong password is one you can’t guess or crack. Hackers use computers to try various combinations of letters, numbers, and symbols in search of the right password. Modern computers can crack short passwords consisting of only letters and numbers in mere moments.
Strong passwords consist of a combination of uppercase and lowercase letters, numbers, and special symbols, like punctuation. They should be at least 12 characters long, although a longer one is even harder to crack!
Here are the main characteristics of a good, secure password:
- Is at least 12 characters long; the longer your password is, the better
- Uses uppercase and lowercase letters, numbers, and special symbols
- Doesn’t contain memorable keyboard paths (i.e., qwerty)
- Is not based on your personal information (your birthdate, kids’ names, pets’ names, etc.)
- Password is unique for each account you have
When you’re setting up an online account, there’ll often be prompts reminding you to include numbers or a certain number of characters. Some may even prevent you from setting a “weak password,” which is usually one word or number combination that’s easy to guess.
But even if you don’t get reminded to set a strong password, it’s important to do so whenever you’re setting up a new online account or changing passwords for any existing account.
A strong password isn’t obvious
A good password needs to be something that’s really difficult for someone else to guess or crack, so don’t go for anything generic, like “password” or “12345”. The latter two choices are still among the most popular passwords in the world and they’re also among the least useful.
A strong password isn’t personal
It’s important that you don’t use anything personal to you, like a nickname, your date of birth or your pet’s name. This is information that’s easy for a hacker to find out simply by looking at your social media, finding your online work profile or even just by listening in on a conversation you’re having with someone else.
A good password should be unique
Once you’ve created a strong password, you might well be tempted to use that password for all your online accounts. But, if you do that, it leaves you more vulnerable to multiple attacks.
After all, if a hacker manages to discover your password, they’ll then be able to login to every account you use that password for, which might include your emails, your social media, and your work accounts.
Avoid past passwords
Don't recycle your passwords, particularly if they’ve been hacked before. This may seem obvious, but once you’ve used a password, you shouldn’t reuse it. Even if you haven’t used it for years, it’s best to come up with a new one. Especially if you’ve had issues with a password being hacked in the past.
Don’t save your passwords on your phone, tablet, or PC (or write them on a post-it)
This may sound obvious, but you must avoid saving any of your passwords in a document, email, online note, or anything else that could be hacked or seen by others.