How to Create the Safest Possible Password
- Use 10 or more characters
- Vary upper and lower cases
- Include symbols and punctuation
- Do not include personal info
- Employ two-step authentication when available
Note: Users are allowed to use any combination of characters for their passwords, including special characters such as ($&%), numbers, and letters.
Creating a password is something we’ve all done, usually multiple times. But do you actually know what you’re doing when you set up a new password? Do you know what makes a strong or weak password?
The following is an outline of what makes a strong password, what to avoid when setting your password, and tips and tricks for keeping your online activities secure.
Tips for a Safe Password
First off, there is no such thing as a completely hack-proof password. With the advancement of supercomputers and hacking techniques, no password is totally safe. But there are steps you can take to protect yourself against identity theft and security fraud by creating stronger, hard-to-crack passwords.
Characteristics of safe passwords include as many of the following as possible:
- At least 10 characters
- Upper and lower case letters
- Numbers and special characters
- Not found in a dictionary
- Not based on personal information, e.g. birth date, phone number, address, etc.
Avoid the following pitfalls when creating your password
- Passwords that are too short
- Passwords that are not complex enough
- Passwords that are too easy to guess
- Passwords that are already in use
- Passwords not protected by two-step authentication
Just a heads up
Don’t use “password” as your password! The following is a list of the most hacked passwords from an analysis of over 450,000 hacked Yahoo! accounts, according to ESET, an IT security firm:
- 123456
- password
- welcome
- ninja
- abc123
- 123456789
- 12345678
- sunshine
- princess
- qwerty
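The characteristics and the most-hacked list above can be checked automatically. The following Python is an added example, not part of the original article; the function name, the `personal_info` and `dictionary` parameters and the sample inputs are assumptions made for illustration.

```python
import string

# The ten most-hacked passwords from the ESET list quoted in this article.
COMMON_PASSWORDS = {
    "123456", "password", "welcome", "ninja", "abc123",
    "123456789", "12345678", "sunshine", "princess", "qwerty",
}


def check_password(password, personal_info=(), dictionary=(), min_length=10):
    """Return the article's criteria that `password` fails (empty list = passes).

    personal_info: caller-supplied strings (birth date, pet name, ...).
    dictionary: caller-supplied word list. Both are hypothetical inputs.
    """
    problems = []
    lowered = password.lower()
    if len(password) < min_length:
        problems.append("shorter than %d characters" % min_length)
    if not (any(c.islower() for c in password)
            and any(c.isupper() for c in password)):
        problems.append("does not mix upper and lower case")
    if not any(c.isdigit() for c in password):
        problems.append("no numbers")
    if not any(c in string.punctuation for c in password):
        problems.append("no symbols or punctuation")
    if lowered in COMMON_PASSWORDS:
        problems.append("on the most-hacked list")
    if lowered in {w.lower() for w in dictionary}:
        problems.append("found in a dictionary")
    # Personal details count even when buried inside a longer password,
    # so compare with separators (spaces, dashes, slashes) stripped out.
    squashed = "".join(ch for ch in lowered if ch.isalnum())
    for item in personal_info:
        token = "".join(ch for ch in item.lower() if ch.isalnum())
        if len(token) >= 3 and token in squashed:
            problems.append("contains personal info: %s" % item)
    return problems


if __name__ == "__main__":
    # Constructed sample inputs, not real credentials.
    for candidate in ("password", "Rex-2014-Spain!", "0t2Sw14tb&wcw2gb!"):
        print(candidate, "->", check_password(candidate, personal_info=["Rex"]))
```

Passing these checks does not show that a password is unique across your accounts; that still has to be tracked separately.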
Don’t Make It Too Easy
The easiest passwords for hackers to crack are the ones that require little to no effort to create or type in. And while it might seem obvious which passwords you want to stay away from, some people are still using 123456, password, and abc123 as their passwords.
Additionally, do not include well-known facts or information about yourself in your passwords, such as your favorite sports team, important dates, your dog’s name, or where you went to college. These trivial facts can easily be discovered with a preliminary Google search or a quick scan of social media.
Avoid One Password to Rule them All
Though it may be tempting to use one password for all your accounts, most security experts recommend using a unique password for every account. This is especially important for your most sensitive accounts like bank accounts, retirement accounts, and personal and professional email accounts. Imagine how much easier you’ve made it for a would-be hacker to access your accounts when all your account passwords are the same.
However, who among us has the time or the brain capacity to create and memorize a dozen unique, hard-to-guess passwords? That’s where password-storing software comes into play. Not only can these helpful apps store all your passwords, they can also help you create stronger passwords and automatically change passwords in the event of a security breach.
Beef it Up
As we know, longer passwords are harder to crack. And since you should always avoid including obvious or well-known names, dates, and facts about your personal life or family in your password, you need to get creative.
One way to do that is through unique phrase creation. For example, if you and your wife recently took a trip to Spain, you could structure your password around the phrase:
Our trip to Spain was one for the books and we can’t wait to go back!
Now shorten this phrase into a string of letters and symbols, and substitute numbers where applicable. So the password becomes:
0t2Sw14tb&wcw2gb!
The first word in the password phrase is our, which can be represented with a 0 (zero). The second word is trip, which can be represented with an upper or lowercase T/t. Continue to assign a number, letter, symbol, or unique spelling for the remaining words in the phrase: & for and, 2 for to, 4 for for, etc.
Another method is to pick a sentence or phrase that is easy enough for you to remember, and use it as your password. Make sure the phrase is long enough and unique enough to be secure.
My dog goes 2 the park and chases ducks
This phrase can be used as a password and should be “beefed up” with spaces, numbers, upper and lower case letters, and punctuation.
My.dog g0es 2_the paRk @nd chases Duck_s
Add Another Layer
When possible, use two-step authentication processes. This adds an additional layer of security and requires you to enter a second password that is sent to your cell phone. In the event that a hacker does gain access to your primary password, their efforts will be thwarted because the second password keeps your account safe. The only drawback to this approach is the extra time it takes to log into your account. Still, when your online identity and security are at stake, a few extra seconds don’t seem so bad.
The Major Points
Here are the main take-away points for creating a strong, hard-to-crack password:
- Use 10 or more characters
- Vary upper and lower cases
- Include symbols and punctuation
- Do not include personal info
- Employ two-step authentication when available