How to create secure passwords

How to create secure passwords

Today is World Password Day, and what better time to think about your password security? We’ve all been guilty of having bad passwords at some point, but it’s easy to tighten up your online security. If you’re not sure where to start then read on to find out more.

Why is it important to have strong passwords?
Strong passwords are far more difficult to hack, cannot be easily guessed, and consequently safeguard your online security. Before we get onto how to set up strong passwords, let’s take a brief look at what not to do.

Don’t use the same password for everything
If you use the same email and password combination to log into a variety of online sources, then if your password is compromised at one source then it is compromised at all of them. When hackers get their hands on email and password data, they will speculatively try that combination at a variety of sites in the hope that they will be able to get access to more of your data. To stop them being able to do this you have to change your password at all the different places you have used it, in the hope that the accounts haven’t already been compromised. Not good.

Don’t use something that is easy to guess
It makes sense for people to pick passwords that are easy for them to remember, but this means that they can easy to guess if someone knows just a bit about you. Common examples are pet names, children’s names, important dates (such as birthdays or anniversaries), favourite sports, and so on. These are some of the most common passwords in recent years – do not use them!

common passwords.jpg

Common passwords should be avoided at all costs

It’s also common to substitute certain letters for numbers – so, for example, ‘football’ could become ‘f00tba4ll’, or ‘monkey’ could become ‘m0nk3y’.

You can also create problems for yourself if you use personal information in your password (eg your dog’s name) but then go on and mention this information on social media.

Don’t use a short password
Passwords can be cracked using computers, and the shorter the password the less time it takes to crack. It’s also easier to break a password that has no variety in the characters used – for example, all numbers, all letters, no punctuation or symbols, etc.

How can I choose good passwords?
Given the fact that short, easy-to-guess passwords are a bad idea, it makes sense that long passwords with a variety of characters are better. Here are some tips for stronger passwords.

Size matters
The longer your password is, the more difficult it is to crack. A password with eight letters can be automatically cracked in a matter of hours, whereas a password with twelve characters (letters, numbers, and symbols) would potentially take thousands if not millions of years to break.

Length is very important, but that doesn’t mean you need to try and memorise a long and random assortment of characters. Using a phrase that only you would know is an easy way to create a long password, and even better if it features a variety of characters. For example, “Tomateallthecheese” or “Ican’tspelldissapear” or “MyDeskHas3drawers!”.

However, don’t try and create length through simple repetition, such as “dogdogdogdogdog”.

Avoid common mistakes
Password cracking software will make use of user behaviour to influence how they operate, so it’s always a good idea to try and avoid doing what everyone else does. There are various things to try and avoid:

  • Using dictionary words
  • Adding easy to guess letters on the end, such as 12345 or your year of birth
  • Simple substitutions, such as 1 for i, 3 for e, @ for a, etc.
  • Anything personal that can be found out online (such as your pet / children’s names)

Use a password manager
Whilst it’s a very good idea to have a different password for every online account or login you have, it can be difficult to keep track of them all. Therefore, it’s a great idea to let software do the job for you.

One of the best things you can do is to use password software. Seriously, it’s great and you should try it. Instead of having to remember different passwords for everything, you just have to remember one password to access the software and it does the rest for you. Obviously, you should make sure that the password you use for it is very strong, and make sure you don’t use it for anything else.

There are many different brands of password software out there, but some good features to look for are:

  • Password generator – this means you can generate strong, random passwords that would be impractical to try and break.
  • Can be used on mobile devices.
  • Data is stored locally, not on a ‘cloud’ or anywhere else. When data is only stored on your PC / mobile device then it is far more difficult to access for anyone but you.
  • This might sound odd, but be wary of password managers that have too many features (i.e. cloud syncing) – they may make life easier for you, but it can sometimes be at the expense of good security.

If you’re guilty of weak passwords, then now is the time to sort it out. It’s a chore, but it’s worth it for the peace of mind.

Becky Cunningham
First release
Last update

More resources from Becky