Tips for creating strong passwords

073013-passwordtipsYou hear it all the time – especially in the last few weeks since the Heartbleed Bug was discovered in common online security software: You need strong passwords for every account you have online. They should be unique to each account, easy to remember, and uncrackable.

We know, we know – easier said than done. But if you’re wondering how to create strong passwords, we’ve got some tips:

The longer the better. Make your passwords at least eight characters long, 12 if you want something really secure. Four- and six-letter passwords are too easy to crack.

Don’t use real words. I shouldn’t be able to type your password into and get a definition for it. Don’t use your name, your family or friends’ names, or your pets’ names. Also, don’t use the username of the account for which you’re creating the password.

Don’t use personal information. This includes birthdays (your own and those close to you), anniversaries, street names, phone numbers, account numbers, or license plate numbers.

Use special characters. A good rule of thumb is The Geek Stuff’s “8 4 Rule.” That is, your password is eight characters long and contains at least one character from each of these categories: Uppercase letter, lowercase letter, number, and special character (like, *, &, !, #, etc.). Better yet, they say? Use five of these different types of characters.

Be creative. Here are a couple of fun ideas for creating passwords.

  • A memorable phrase or fact. “My anniversary is May 18” can become Mann1s5/18. Or, “It’s raining cats and dogs” could become 1R@!nc&d.
  • Your favorite hobby, TV show, or movie. “Big Bang Theory” becomes b1B@nGty, or “Luke, I am your father” could be LK1my0rF@.

Keeping a different password for each account you create is difficult, especially since we don’t recommend that you write them down – and we urge you to change them (all of them) every six months. That’s a lot to remember. We’re grateful for the password managers that have popped up over the last few years. These services keep your password in an encrypted vault that you access with one master password. Some of them can even create passwords for you. Here are a few you might like to try:

Got questions about security? Let our experts help! Contact us today.

Comments are closed.