If you’re one of the millions of people whose password to their online accounts is “password,” don’t feel bad—you’re not alone. Remembering a single PIN, password, or secret phrase can sometimes be bothersome—let alone passwords for the dozens of accounts and devices many people have nowadays.
Online-security experts recommend long, strong passwords for a reason—identity and information theft are rampant, and hackers have many tools at their disposal that allow them to crack simple passwords like “123456” and “abcdefg.” In order to protect your identity and online information, a tougher password is a must. But there’s no need to memorize hexadecimal strings of random characters; there are several easy ways to create—and remember—strong, safe passwords.
Go for length.
The best passwords are at least seven characters long, and hopefully as long as fourteen characters. The shorter a password is, the easier it is to crack.
Find something random.
Instead of using a word as your password, use a favorite quote, lyric, or phrase (containing at least ten words), and use the first letter of each word as your password. If you’re going to San Francisco, be sure to wear some flowers in your hair becomes “iygtsfbstwsfiyh.” Although the sequence is memorable and makes sense to you, it seems random to anyone else.
Another way to find a random password is to use an online password-generator service, such as StrongPasswordGenerator.com, and then create a mnemonic device to help you remember it. When the service supplies a random sequence like “Jni8e8r,” remember it by teaching yourself the phrase “Jeffrey normally inspired eighty-eight rainbows.”
This doesn’t mean using common misspellings of regular words; rather, devise a creative misspelling of a word you can remember and that can make your password safer. For example, “Paris” can become “Pearisse.”
Add some complexity.
Good passwords contain symbols, punctuations, deliberate misspellings, and a blend of lowercase and capital letters. Turn a simple password like “catlover” into a more secure version like “c@LUVr!”
Passwords with numbers are harder to crack, but don’t use easy-to-guess numbers, such as the current year or your birthday. Choose seemingly random numbers (that have significance to you) and place them in the middle of the text for maximum security, or substitute numbers for multiple letters. An easy password like “basketball” can become “8a5k3tba1l.”
Mix it up.
The very best passwords use a blend of all these techniques, so be sure to employ at least two or three to create the most powerful protection. If you have a favorite phrase that you’ve distilled to an acronym, add some capital letters or punctuation. Add length to a short password with numbers, and add complexity to a deliberate misspelling with characters or symbols. Using a variety of password-enhancing tricks ensures a better result.
Check it out.
Use a password checker to make sure that your password is as strong as it can be. If your password is rated weak or medium, you may want to add more numbers, symbols, or other characters to make it longer and more complex.
Use a different password for each account.
As maddening as it can be to keep track of all those passwords, it really is important not to use the same password for every online account, or a hacker who gains passwords from one site can use your email address to compromise any other accounts you hold. But if you must reuse passwords, at the very least you should use separate passwords for banking or financial accounts, and leave the weaker or all-purpose passwords for accounts without access to your financial data. One way to keep track of multiple passwords is by using a password manager. These online or USB-based encrypted programs, like Password Dragon and KeePass, store passwords for all your accounts, leaving you to remember only one master password.
Change them often.
Computer hacking algorithms get more sophisticated every day, so it’s best to change your passwords every few months, if not sooner. This is especially true for your password to any site that stores financial information, since these are more likely to be the target of a cyber-attack.
Don’t make it easy.
A surprising number of people use simple passwords like “password,” which are incredibly easy for a computer to decipher or a person to guess. When formulating your passwords, never rely on these usual suspects.
- Personal information like your name, birthdate, address, phone number, or license plate number.
- Repetitive sequences, like “121212” or “bbbbbb,” or adjacent letters on the keyboard, like “qwerty” or “asdfgh.”
- Real words that appear in the dictionary, including common misspellings of those words.
- Real words spelled in reverse (“drowssap”).
- Real words with a single number at the end (“password4”).
- A real word with one letter replaced by a number (“passw0rd”).
Although it’s common to use a simple password like “password” or “123456,” it’s an invitation to disaster. Creating a better password takes only a few moments, and keeping your information safe is well worth the effort.