Adept at avoiding phishing, but scared of getting hacked through brute-force attacks? It doesn’t matter who you are; you can still become a target. Hackers can sell your data to other companies, legal or not, allowing them to serve targeted ads. They can also use your account to spam, phish, scam, or even commit a crime, getting you banned or in trouble. Even worse, they might sell your information on the dark web, letting shady people do unimaginable things with your credentials. All of this makes it urgent to learn how to create a strong password. Let’s begin.
Create a strong password: Guidelines
Here are the best practices when creating a strong password:
1. Use different passwords for different accounts
Yes, this makes it harder to remember them all. On the other hand, should one be compromised, not all of your accounts are in danger. If you want to take the lazy way out, use variations of the same password, but make sure they look different and don’t follow the same pattern.
2. Don’t use passwords that can be guessed
Using only words, especially the ones in English, leaves you exposed to dictionary brute-force attacks. So, if they’re very common, you’re just inviting hackers in. Just like there are passwords you shouldn’t use for WiFi, these are passcodes you mustn’t use with user accounts:
Obvious words or numbers
Those include password, qwerty, your name, username, sequential numbers, or simple digit order such as 123456, 123123, 11111, etc.
Information related to you
We’re talking about your name or the names of your family and friends, a pet’s name, your or other people’s birthdays, your job title, or anything related to your occupation or interests. Also, do not include your address – country, street name, town, house/apartment number, etc. It’s important that you do not choose these as answers to security questions either. Hackers can abuse that security measure to get in without knowing your password.
3. Use a combination of letters, numbers, and symbols
This is probably the most important piece of advice. Using only numbers leaves you exposed to effortless brute-force attacks, and so do words, as explained above. Using only symbols might be impossible on the majority of websites. For that reason, it’s best if you combine all 3 of them in some order, random or not. Keep in mind that so-called “leetspeak” is no longer effective, so never replace letters with numbers, such as writing “p455w0rd” instead of “password”.
4. Keep your passwords safe
We’ll publish a guide with a host of security tips shortly.
5. Make your passwords long
We don’t recommend going under 15 characters. Every character over that number makes your password stronger.
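The guidelines above can be turned into an automated check. The following is an added example, not code from the original article: the function names, the tiny `OBVIOUS` word list and the leetspeak table are assumptions made for illustration, and it shows why “p455w0rd” fails once the substitutions are undone.

```python
import re

# Constructed sample built from the article's own examples of obvious words;
# a real check would use a much larger list of common or leaked passwords.
OBVIOUS = {"password", "qwerty"}

# Common leetspeak substitutions, undone before the dictionary check.
LEET = str.maketrans({"4": "a", "@": "a", "3": "e", "1": "i", "!": "i",
                      "0": "o", "5": "s", "$": "s", "7": "t"})

MIN_LENGTH = 15  # the article's recommended minimum


def is_sequence_or_repeat(digits: str) -> bool:
    """True for runs like 123456, 654321, 11111 or 123123."""
    if len(digits) < 4:
        return False
    steps = {int(b) - int(a) for a, b in zip(digits, digits[1:])}
    if steps in ({1}, {-1}, {0}):
        return True
    half = len(digits) // 2
    return len(digits) % 2 == 0 and digits[:half] == digits[half:]


def check_password(password: str, personal_info=()) -> list:
    """Return the list of guideline problems; an empty list means none found."""
    problems = []
    lowered = password.lower()
    deleeted = lowered.translate(LEET)

    if len(password) < MIN_LENGTH:
        problems.append("shorter than 15 characters")
    classes = [re.search(r"[A-Za-z]", password), re.search(r"\d", password),
               re.search(r"[^A-Za-z0-9]", password)]
    if not all(classes):
        problems.append("does not combine letters, numbers and symbols")
    if any(word in lowered for word in OBVIOUS):
        problems.append("contains an obvious word")
    elif any(word in deleeted for word in OBVIOUS):
        problems.append("contains an obvious word written in leetspeak")
    if any(is_sequence_or_repeat(run) for run in re.findall(r"\d+", password)):
        problems.append("contains a sequential or repeated number")
    if any(item and item.lower() in lowered for item in personal_info):
        problems.append("contains personal information")
    return problems
```

Pass your own name, pet names and similar details as `personal_info`; an empty result only means none of these specific checks fired.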
Create a strong password: Practical application
Here are 3 methods to create a strong password:
1. Create a strong password with a generator tool
You have 2 options to choose from with this method:
1. Generate strong passwords alone
You can generate a password for every one of your accounts, then keep it safe. However, it’s hard to memorize and keep away from prying eyes. On the other hand, it’s as secure as it gets, especially if you follow all guidelines. Although you can use any website, we particularly love PasswordGenerator.net and Avast’s Random Password Generator. They allow you to add or remove elements we talked about above.
2. Generate a strong password with a password manager
Password managers allow ease of use without a compromise in security. In essence, you sign up for an account and choose one master password using the tips we’ll give below. Then, by installing a browser extension or desktop/mobile software, the manager will generate a complex password for every website or service on the fly, then save it into the vault. The next time you need to log in, it will auto-fill the password and sign you in. Besides convenience, this method also renders keyloggers powerless, since you’re not typing. The two leading password manager services seem to be Dashlane and LastPass. Of course, you’re free to pick any service that you like and that fits your budget.
2. The passphrase method
Unless you use a password manager, it’s hard to remember a complex password. This forces you to keep it handy, on your computer or written near your desk, which defeats the purpose of keeping it safe. To fix that, here’s a method that involves coming up with a long passphrase made up of bizarre words. You can do this in one of 2 ways:
1. Manual way
The words in the passphrase should be easy for you to remember, but still unrelated. Dig deep for inspiration – character or business names, historical figures, captivating words you’ve heard in your own or a foreign language, etc. Afterward, add a few numbers or symbols for good measure, and consider mixing lowercase and uppercase letters. We’ve come up with “Deasil1^quirE#5Xertz”.
2. Using outside help
If you are out of ideas, might we suggest Diceware? It’s an online tool that allows you to roll a die a few times to get a number, then find a corresponding word. Do that 3-4 times for each word, combine them, and voila. You can also use online dictionaries or Word of the Day apps/websites/social media accounts.
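The dice-and-word-list idea can also be carried out in software. This is an added example, not part of the original article or of the Diceware tool itself: `SAMPLE_WORDS` is a constructed 36-word list (2 rolls per word) so it runs offline, the function names are hypothetical, and `entropy_bits` shows how strength depends on list size and word count.

```python
import math
import secrets

# Constructed 36-word list so the example runs offline: 2 rolls of a die pick
# one word. A real Diceware list is far longer and needs more rolls per word.
SAMPLE_WORDS = ("amber bison cedar delta ember flint grove heron ivory joker "
                "kayak lemon mango nylon otter pearl quilt raven sable tulip "
                "umbra vigor wheat xenon yacht zebra acorn bluff crane dwarf "
                "elbow fjord glyph hazel inlet jumbo").split()


def roll_die() -> int:
    """One fair die roll (1-6) from the OS's cryptographic random source."""
    return secrets.randbelow(6) + 1


def word_for_rolls(rolls, words):
    """Map a sequence of die rolls to a word, reading the rolls as base 6."""
    index = 0
    for r in rolls:
        index = index * 6 + (r - 1)
    return words[index]


def make_passphrase(n_words=6, words=SAMPLE_WORDS, sep="-"):
    """Roll dice for each word and join the chosen words with a separator."""
    rolls_per_word = round(math.log(len(words), 6))
    if 6 ** rolls_per_word != len(words):
        raise ValueError("word list length must be a power of 6")
    picked = [word_for_rolls([roll_die() for _ in range(rolls_per_word)], words)
              for _ in range(n_words)]
    return sep.join(picked)


def entropy_bits(n_words, list_size):
    """Bits of entropy when every word is chosen uniformly at random."""
    return n_words * math.log2(list_size)
```

With the sample list, six words give only about 31 bits, while four words from a 1,296-word list (4 rolls each) give about 41 bits, so a longer list and more words matter more than how unusual each word looks.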
3. The sentence method
While reasonably secure and requiring a long time to crack with a brute-force attack, the words above are still found in a dictionary. It would be best if you could make a password look like it was generated, yet have an easy way to remember it. That is possible with this method, which requires you to think of a long sentence. Then, make up a rule. For example, take the first letter of each word, add a number after 3 letters, and a symbol after 5. If you lack inspiration, feel free to use a tool known as a gobbledygook generator. Using “hackers have nothing on us, we have a very strong password and fear no one”, we’ve come up with “hhn3ou^w5hav7s&pa9fno1#”.