October 18, 2017 | 5 min read
How to Create a Secure Password
Here’s a list of do’s and don’ts when choosing a password.
8 characters is a must.
Your password should contain at least 8 characters. This is the basic rule of online security. Passwords that are too short are prone to brute force and dictionary attacks, which use wording and a list of the most common passwords.
8 is a must, but not a limit.
Make your password even longer. Using a phrase made up of common words, like “sound paper head cake”, adds more security. Brute forcing such a password will take over 500 years at the speed of 1,000 guesses per second. Meanwhile, brute forcing an 8-character password containing special characters will take about three days at the same speed. Size matters.
Don’t be paranoid.
Feel free to keep your same password as long as you wish. There’s no need to change your password every month or two. If there were no data breaches and you didn’t click suspicious links, there’s nothing to worry about. If you notice anything weird — your mail sends spam or strange mails on its own or you see some suspicious activity on your account — it’s high time you reviewed your passwords. Until then, you are safe.
Let your computer remember it for you.
Use a password manager. With this software you can keep strong and unique passwords for every site with no need to remember them — the software will do it for you.
Using passwords with a lot of special characters.
It won’t be more secure if you replace some letters with symbols, like 4 with A or 0 with O. These symbols will make it harder for you, not for hackers.
Using password hints.
Hints do more harm than good. A stranger can guess your password more easily if he sees a hint, so it’s better to avoid hints.
Using secret questions.
Secret questions can betray you — skip them if possible. Probably the name of your first pet isn’t a big deal, still, it will be enough for some services to reset your password without your permission.
Using a series of repetitive or sequential symbols.
Randomization is a key point to secure passwords. Machines are incredibly good at guessing various sequences. Passwords like 123456 or ffffffffff are not good at all, so don’t use them.
Including a username in a password.
Don’t use the service name in your password, e.g. yournameGmail. This may be easy to remember for you, but it will also be easy to guess for hackers. Also, avoid including any hints on your login or service name into the password.
Following these guidelines will make your password easier for you to remember and harder for hackers to guess. Check out our Security Watch for more tips.