What Qualifies as a Strong Password?
Protect your accounts and data with these password tips
In today’s mobile-first world, you most likely rely on multiple online tools — from messaging and payment apps to online shops and financial institutions — to handle your personal finances. However, these accounts are frequently targeted by cybercriminals intent on stealing your data, your identity, and your money. It’s absolutely vital to protect yourself by securing all your online accounts, and creating strong passwords is an excellent place to begin.
Don’t reuse passwords
No matter how strong or weak a password is, reusing it across multiple accounts will badly weaken your online security. Slightly modifying passwords across different accounts is a bad idea, too. If one account that uses a recycled password gets hacked, all the other accounts that use the same password will be compromised as well.
To avoid this problem, use a unique password for each online account you have. You won’t be able to remember all of these, of course, so using an online password manager tool is highly recommended.
The more random your passwords are, the stronger they’ll be. For example, CNET writers Clifford Colby and Sharon Profis recommend staying away from personal but predictable password elements like names, important dates, and other personal information. Common words like “password” are all too easy to hack as well — even when they’re modified with special characters.
Instead, consider using a random combination of upper- and lower-case letters, numbers, and special characters. Password managers typically offer a password generator to help you do this. In an article by Sara Angeles for Business News Daily, privacy expert Eduard Goodman also suggests creating a password by making an acronym out of a lyric or another short line of words — for example, turning “Row, row, row your boat gently down the stream” into “Rrrybgdts.”
The longer the better
The shorter your passwords are, the easier they’ll be to crack. Generally, eight characters has been considered an acceptable minimum length for a secure password, but a longer string of characters will provide even greater security. Just make sure to follow other best practices for password strength while adding characters.
Backing up your password with two-factor authentication makes it even stronger. Along with a password, a two-factor login makes you enter a one-time code, typically sent to your phone or generated by an app. Even if a hacker has your password, they’d also need the code to break into your account. A note of caution: If you do adopt two-factor, Colby and Profis recommend using an authentication app, which are less vulnerable to fraud schemes like SIM swapping than codes texted to your phone.
Check for data breaches
Even if you think you have a strong password, it’s important to make sure that it hasn’t been exposed. Many password managers and websites offer tools that let you check your accounts for hacks and data breaches, or even enter a potential password to see if it’s already been used and stolen elsewhere.
The consequences of using weak passwords can be severe, so take all the necessary steps to make yours as strong as possible. Once you’ve done so, you’ll be able to go about your online life with far greater confidence and security.