- To create a truly strong password, you should use a mix of upper- and lower-case letters, numbers, and symbols.
- Creating strong passwords can help protect your accounts from hackers, but no matter how strong your password, it should never be re-used.
- Using a password manager will help you keep track of your passwords, and allow you to create strong passwords for every account.
- Visit Business Insider’s Tech Reference library for more stories.
Passwords can be immensely annoying, especially if you have many different accounts. Eventually, something will come along to replace them – many modern smartphones already use face or fingerprint scanners.
But right now, we have to use passwords. This means that you should know how to create strong and unique passwords to protect your accounts.
Why strong, complex passwords are important
A strong password is one that’s difficult for a hacker to crack. In general, the longer and more complex a password is, the stronger it is.
A weak password is a simple word – something that can be found in the dictionary – or a simple and commonly used phrase like “letmein” or “password123.” Hackers have long lists of commonly used passwords, and using something like this is akin to having no password at all.
There are a few common methods hackers use to crack passwords, and they tend to be more successful on short and simple passwords. A dictionary attack, for example, attempts to match your password to simple words that you’d find in the dictionary.
If your password is somewhat more complex – it’s not a single word or includes a number or symbol – then a brute force attack may succeed if the password is simple enough. A brute force attack simply tries every possible combination. As computers get faster, short and weak passwords get easier for hackers to crack.
There are online tools you can use to see how strong your passwords are – see our article on password security for ways to test the strength of your passwords.
How to create a strong password
Thankfully, creating a strong password isn’t complicated. Follow these guidelines:
- Make it long. The longer your password, the better. Many websites require passwords to be at least eight characters long (some allow as few as six characters), but unless the site limits the maximum length of the password, you should make it much longer – 12 characters is a good minimum.
- Use a combination of upper- and lowercase letters, numbers, and symbols.
- If you use a password manager (and yes, you should use a password manager), you can let the password manager automatically create a lengthy, strong password for you.
There are also some don’ts:
- Don’t ever reuse a password – they should always be unique.
- Don’t use symbol substitutions, like an @ symbol for the letter A. It’s not clever, and it’s easily guessed by hacking tools that try those kinds of substitutions automatically.
- Don’t use common words or phrases like “password” or “qwerty,” or passwords which have personal significance to you, like the names of family members.
No matter how complex your password, you should never reuse it – it’s possible all your accounts will be compromised through the common password.
Related coverage from Tech Reference:
Business Insider Emails & Alerts
Site highlights each day to your inbox.