
How to Create a Strong Password

Spoiler alert: you’re not as safe as you think you are! Here are some tips on how to make your password usage safer.

Practically everyone has a smartphone, some kind of computer, and often a tablet tossed in the mix, too—and whether we’re using our devices for work, school, or fun, we’re using passwords all the time. 

“Open, sesame!”

Passwords have been around for hundreds of years, but these days we use them to create and access digital accounts of all sorts, from healthcare portals to shopping opportunities. Passwords are intended to help us keep our personal information secure and prevent others from accessing our data.

However, not all passwords are created equal. 

In fact, we’re in somewhat of a password hygiene crisis. Habits that were taught a decade ago have backfired, and poor and reused passwords are now rampant in the digital landscape. Weak passwords can be easily guessed or stolen by hackers, making your personal information vulnerable and potentially compromising all your other accounts (especially if, like the majority of individuals, you reuse your passwords; more on that later!). Even passwords consisting of upper- and lowercase letters and numbers can be guessed in a matter of seconds, according to Hive Systems.

How Do Hackers Guess Your Passwords? 

Hackers aren’t spooky-looking people in hoodies trying to guess your favorite color or your pet’s name—we’re talking about cybercriminals with computer programs that can guess millions of passwords a minute. Some of the techniques include “brute force” and “dictionary” attacks. Brute force attacks involve trying all possible combinations of characters until the password is cracked, while dictionary attacks involve using a pre-existing list of commonly used words and phrases to guess a password. 

Here’s the good news: you can make some easy changes to bolster your security defenses and make yourself a much less appealing target. Here’s how to create a strong password:

Password Strength: Understand How It Works

Up until about 5 years ago, our understanding of “password strength” relied mostly on how long the password was. But a quick look at the math shows that password strength is more about a combination of length and complexity. A strong password should contain a mix of uppercase and lowercase letters (like A, a), numbers (like 3), and special characters (like !, &). It should also be at least 12 characters long.

The longer and more complex the password, the harder it is for bad actors to crack. For example, “X7g9K6Y!h0L2” is statistically more difficult to crack than “ABCDEFGHIJKL.” But as you’ll likely notice, the latter option is definitely easier to remember—and it’s important to choose passwords you can remember, too!
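The math behind that comparison, as an added example that is not part of the original post: it estimates the brute-force search space from the length and the character classes used, and flags alphabetical or numeric runs that the raw number hides. The function names and the run threshold of 4 are assumptions made for this illustration.

```python
import math
import string

# Character classes a brute-force search would have to cover.
CLASSES = {
    "lowercase": string.ascii_lowercase,  # 26 characters
    "uppercase": string.ascii_uppercase,  # 26 characters
    "digits": string.digits,              # 10 characters
    "symbols": string.punctuation,        # 32 characters
}

def pool_size(password):
    """Size of the alphabet implied by the character classes actually used."""
    return sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in password))

def brute_force_bits(password):
    """log2 of the brute-force search space: length * log2(pool size)."""
    pool = pool_size(password)
    return len(password) * math.log2(pool) if pool else 0.0

def longest_sequence(password):
    """Length of the longest run of consecutive characters (abc, 321, ...)."""
    best = run = 1 if password else 0
    step = 0
    for a, b in zip(password, password[1:]):
        d = ord(b) - ord(a)
        if d in (1, -1):
            # Extend the run only if it keeps going in the same direction.
            run = run + 1 if (run == 1 or d == step) else 2
        else:
            run = 1
        step = d
        best = max(best, run)
    return best

def assess(password):
    """Combine the upper-bound estimate with the predictability check."""
    run = longest_sequence(password)
    return {
        "length": len(password),
        "pool": pool_size(password),
        "bits": round(brute_force_bits(password), 1),
        "longest_sequence": run,
        "predictable": run >= 4,  # assumed threshold for this example
    }

if __name__ == "__main__":
    for pw in ("X7g9K6Y!h0L2", "ABCDEFGHIJKL"):  # the two passwords from the text
        print(pw, assess(pw))
```

The bit count is an upper bound that assumes every character was chosen at random; the second password is one unbroken alphabet run, which is why the check flags it regardless of its length.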

Enter, Passphrases: An Alternative to Passwords

A passphrase is a combination of words, separated by spaces or other characters. In general, passphrases are longer and more complex than passwords, making them harder to crack but still easy to remember. For example, instead of using a robust and unique password composed of random characters, you could use a much more memorable passphrase like “MyCatElmerLikesToPlayWithHisBlueLazerAt3PM.” Because some of the details are unique to you, you’ll be more likely to remember your super-strong password.

Stop Reusing Your Passwords! 

If you reuse your passwords across accounts, as well as across devices—don’t feel too guilty, because you are not alone! However, password reuse makes it incredibly simple (and tempting) for malicious actors to completely take over your online identity. 

Once they have your password, hackers know enough about human habits to guess all the classic tiny changes you’re making to your favorite “root” passwords. Unfortunately, you’re not being clever by adding “1987!” to the end of your standard password, and you’re not evading any hackers by choosing to capitalize “LovePedroPascal” when all your other passwords are “lovepedropascal.”
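One way to audit your own passwords for the habit described above, as an added example that is not from the original post: it reduces each password to its “root” by ignoring capitalization and any digits or symbols tacked onto either end, then lists the accounts that share a root. The function names and the sample vault are constructed for illustration.

```python
import re
from collections import defaultdict

# Digits, symbols and underscores at the very start or very end of a password.
_AFFIX = re.compile(r"^[\d\W_]+|[\d\W_]+$")

def root_of(password):
    """Reduce a password to its root: case-folded, with leading and
    trailing digits/symbols removed."""
    return _AFFIX.sub("", password.casefold())

def find_reused_roots(vault):
    """Map each shared root to the accounts whose passwords reduce to it.

    `vault` is a dict of account name -> password, for example a local
    export from a password manager that never leaves your machine.
    """
    groups = defaultdict(list)
    for account, password in vault.items():
        root = root_of(password)
        if root:  # skip passwords made only of digits and symbols
            groups[root].append(account)
    return {root: sorted(accounts)
            for root, accounts in groups.items() if len(accounts) > 1}

# Constructed sample data using the passwords quoted in the text.
SAMPLE_VAULT = {
    "shop": "lovepedropascal",
    "mail": "LovePedroPascal",
    "bank": "lovepedropascal1987!",
    "forum": "X7g9K6Y!h0L2",
}

if __name__ == "__main__":
    for root, accounts in find_reused_roots(SAMPLE_VAULT).items():
        print(f"{len(accounts)} accounts share one root password: {accounts}")
```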

But… if this all leaves you feeling like you need: 

  • Completely unique passwords for every account 
  • …And they all need to be incredibly complex…
  • …And they all need to be incredibly long…
  • …And yet they also need to be memorable… 

There is actually a good solution for these quandaries: 

Password Managers!

Password managers like LastPass are software applications that help you store and manage your passwords securely. They generate strong, unique passwords, store them in an encrypted database, and automatically fill them in when you log in to your accounts. Password managers not only save you time and effort, but they also make your digital identity more secure.

Password hygiene and strength are important because passwords are often the first line of defense in a cybersecurity posture, and they’re the piece users have direct control over. Creating strong passwords or passphrases, using password managers, and avoiding password reuse are essential steps in protecting your digital identity.