When creating a new strong password, you’re trying to outsmart those who threaten to break into your account, making your password as strong as you can. On the other hand, if you create a password that is too long and difficult to remember without noting it down, chances are you will get into trouble. Is there a reasonable way out of this?
There is. You want your password to be three things: long, unique, and memorable. If it’s short, it’s very vulnerable to brute force attacks that simply try different character combinations. If it’s not unique, it can be easily cracked by a dictionary attack or using your password that leaked from a different service. If it’s not memorable… Well, that doesn’t really matter. You can store it in Passwd.
Don’ts
Password clichés
You should definitely avoid using well-known combinations, generic strings, or keyboard paths, such as “password123”, “abcdef” or “123456789”. Those count among the most obvious options and you don’t even need to be a hacker to crack them.
Personal details
Nicknames, places of birth, dates, licence plate numbers – no matter if they belong to you or someone else. They can be easily found on the internet on an account you haven’t used for years.
Recycling
Recycling is good for the environment, but not so much for your cybersecurity. Do not reuse your passwords. It’s like giving up several of your accounts at once. Not to mention some of them may have been hacked before.
Dos
Make it loooooong
You want your passwords to be at least 12 characters long (that’s minimum really), each additional character giving much more strength.
Make it unique
Using a character combination with no meaning is even better. Use lowercase letters, uppercase letters, numbers, and special characters. And mix them up. One of your secure password could look like this:
gQkO[r2y?L1S
If you insist on making your password easy to remember, instead of using verses from your favorite radio hit, write your own bizarre poetry, combining common words with some rare pieces, words from different languages, made-up words, local curiosities.
And if you don’t feel like inventing a set of characters that you find pleasing to the eye, or to the ear, you can use our password generator that does the job for you.
P.S.: Change your passwords frequently
It’s a good idea to change your passwords once in a while just in case, and it’s truly advisable to change them, if they were in a data breach. Even your strong password becomes useless when posted on the internet. Remember: every leak makes it weak. (You can check whether that’s your case here: https://haveibeenpwned.com)