How to Create Strong Passwords


Digital Security Tip

Steer clear of the 100 most-used passwords. Every year, SplashData evaluates millions of leaked passwords and compiles the 100 most common ones. The most recent list includes “password,” “123456,” and other passwords you shouldn’t use.

Security Tips

Your password is your first line of defense against hackers and unauthorized access to your accounts. The strength of your passwords directly impacts your online security.

Combine unrelated words to make strong passwords.

To create a strong password, try combining two or more unrelated words. It could even be an entire phrase. Then change some of the letters to special characters and numbers. The longer your password, the stronger it is.

A single word with one letter changed to an @ or ! (such as p@ssword!) doesn’t make for a strong password. Password cracking programs contain every type of these combinations, in every single language.

Certain words should be avoided in all passwords.

Many people use familiar people, places, or things in passwords because it makes their passwords easy to remember. This also makes your passwords easy for hackers to guess.

According to a study conducted by Google, passwords that contain the following information are considered insecure because they’re easy to figure out. You can find much of this info after reviewing someone’s social media profiles.

  • Pet names
  • A notable date, such as a wedding anniversary
  • A family member’s birthday
  • Your child’s name
  • Another family member’s name
  • Your birthplace
  • A favorite holiday
  • Something related to your favorite sports team
  • The name of a significant other
  • The word “Password”

Use different passwords for every account.

To keep your accounts as secure as possible, it’s best that every single one has a unique password. If one account gets breached, then hackers can’t use those login credentials to gain access to other accounts.

While no one can stop hackers from hacking, you can stop reusing the same password everywhere. It makes it far too easy for cyber criminals to attack one site and get your password for others.

Use a password manager to remember all passwords.

Do you really need to remember 100 passwords? Not at all. A password manager is a piece of software that keeps all your passwords safe, encrypted, and protected. It can even generate strong passwords for you and automatically enter them into websites and apps.

Password managers act like a digital safe-deposit box for all your online accounts. You just need one key to get into your accounts: A single, easy-to-remember but hard-to-guess password. That password unlocks the safe.

But what if your password manager gets hacked? A good one keeps your passwords encrypted behind a password they don’t know (only you do). They don’t store any of your credentials on their servers. While no single tool can guarantee total online safety, security experts agree that using a password manager is far more secure than using the same password everywhere.

Add an extra layer of security by using 2-factor authentication.

Many websites offer two-factor authentication, also known as 2FA or multi-factor authentication. On top of your username and password, 2FA requires another piece of information to verify yourself. So, even if someone has your password, they can’t get in.

Withdrawing money from an ATM is an example of 2FA. It requires your PIN code and your bank card. You need these two pieces to complete the transaction.

Websites that support 2FA include Google and Amazon. When you have 2FA enabled, the site will text you a code to enter after your password. Other forms of 2FA include YubiKeys, which plug into USB ports, and security apps like Duo.

When you set up 2FA, many sites will give you a list of backup codes to verify your account. A password manager is a great place to store these codes.

Password do’s and don’ts

 

| Do | Don’t |
| --- | --- |
| Do combine two or more unrelated words. Change letters to numbers or special characters. | Don’t use the word “password,” or any combination of it. “P@ssword!” is just as easy for hackers to guess. |
| Do make your passwords at least 8 characters long. Aim for 12-15 characters. | Don’t use short, one-word passwords, like sunshine, monkey, or football. |
| Do use a combination of upper- and lower-case letters, numbers, and symbols. | Don’t place special characters (@, !, 0, etc.) only at the beginning or the end. |
| Do include unusual words only you would know. It should seem nonsensical to other people. | Don’t include personal information like your birthdate, address, or family members’ names. |
| Do keep your passwords protected and safe, like encrypted in a password manager. | Don’t share your passwords. Don’t put them on a piece of paper stuck to your computer. |
| Do spread various numbers and characters throughout your password. | Don’t use common patterns like 111111, abc123, or 654321. |
| Do create unique and complex passwords for every site. | Don’t use the same password everywhere. |
| Do use an extra layer of security with two-factor authentication (2FA). | Don’t think a weaker password is safer because you have 2FA. |
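The do’s and don’ts above can be checked automatically when a password is chosen. The following Python code is an added example, not part of the original article; the small word list, the substitution map, and the function names are assumptions made for illustration.

```python
import re

# Constructed sample of frequently used passwords; a real check would load a
# full leaked-password list instead.
COMMON = {"password", "123456", "111111", "abc123", "654321",
          "sunshine", "monkey", "football"}

# Substitutions that cracking tools undo automatically (assumed mapping).
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "1": "l", "!": "i",
                      "3": "e", "$": "s", "5": "s", "7": "t"})

# Digits and symbols stuck onto the start or end of a password.
EDGE = re.compile(r"^[^A-Za-z]+|[^A-Za-z]+$")


def normalize(pw):
    """Lower-case and undo common substitutions: 'P@ssw0rd' -> 'password'."""
    return pw.lower().translate(LEET)


def check_password(pw, personal=()):
    """Return the list of rules from the table that the password breaks."""
    findings = []
    norm = normalize(pw)
    core = EDGE.sub("", pw)  # password without leading/trailing decoration

    if len(pw) < 8:
        findings.append("too_short")
    # A common word stays common after substitutions or added edge characters.
    if pw.lower() in COMMON or normalize(core) in COMMON:
        findings.append("common_or_variant")
    if "password" in norm:
        findings.append("contains_password")
    classes = (any(c.islower() for c in pw), any(c.isupper() for c in pw),
               any(c.isdigit() for c in pw), any(not c.isalnum() for c in pw))
    if not all(classes):
        findings.append("missing_char_class")
    # Letters in the middle with digits/symbols only at the start or end.
    if core != pw and core.isalpha():
        findings.append("specials_only_at_edges")
    # Pet names, birthdays, and similar terms supplied by the caller.
    if any(normalize(term) in norm for term in personal if term):
        findings.append("personal_info")
    return findings
```

An empty list means the password breaks none of these rules; it does not replace a check against a full leaked-password list.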
