Create a Strong Password

How to Create a Strong Password

Find the balance between confidentiality and convenience

Let’s begin with the truth: there is no such thing as a perfect password. A committed hacker can crack any password, given enough time and the right tools. But just like breaking into a car, if the protection is strong enough, the hacker will become discouraged and give up before the protection fails.

The best password is a long string of cryptic characters, but these passwords are also very frustrating to remember. Below are tips to create a strong and memorable password.

The best practice is to change your password every 90 DAYS.

  • Make your password long. The average password length is 8 characters – and a sophisticated hacker takes only 7.6 minutes to crack it (no matter how complex!). Therefore, 15 characters is OK, 18 characters is better, and 20 characters is excellent.

NOTE: Employees who manage important information, such as proprietary or financial information, should create a 20-character password for high-level security. Yes, it is annoying to type so many characters, but as the guardian of your company’s data, your situation may merit the effort.

  • Start simple and then add layers of complexity. Start designing the password with a memorable phrase that is meaningful to you and then make it complex by adding numbers and special characters.

Worst Passwords
(from most to least)

  1. 123456
  2. password
  3. 12345
  4. 12345678
  5. football
  6. qwerty
  7. 1234567890
  8. 1234567
  9. princess
  10. 1234
  11. login
  12. welcome
  13. solo
  14. abc123
  15. admin
  16. 121212
  17. flower
  18. passw0rd
  19. dragon
  20. Sunshine
  21. Master
  22. hottie
  23. loveme
  24. zaq1zaq1
  25. password1
OK Better Excellent
4Jellyf!sh10022
War^^crafter**9 19War^^crafter**95 19MightyaWr^^crafter95
harleyBE$Trid@r Oharl@yB@$Trid@r83 0O=Harl@yr1d@r83=O0

Common mistakes:

Too short
Lacks sufficient predictability
Matches common dictionary words

  • Opt for 2-factor authentication for an extra layer of security. This is designed to alert you whenever someone attempts to access your account even if they know your password.
  • Do not store your password on paper. Never keep your passwords on a piece of paper under the keyboard or in your wallet because they can be easily lost or found. Invest in a password storing app instead. If you must store your passwords, keep hints instead. For example, rather than storing “O0Dimples+2&Grapes0O” use “puppy’s name, age and favorite snack.”

TEST IT OUT

The key to a strong password is to turn an easy-to-remember phrase into a cryptic word phrase that will discourage hackers. Test to see if your password is strong enough.

  • At least 15 characters long
  • Different from your previous 3 passwords
  • Contains characters from at least 2 of the following groups:
    • English uppercase letters
    • English lowercase letters
    • Numbers
    • Specialized characters (for example: * $ # + ! @)