Skip to content
Published August 14, 2017

Being that every online account needs a password, it’s imperative that you know how to create a secure one.Passwords are the simplest form of online security; they are not commonly optional, and they protect every single one of your accounts.

Passwords are the simplest form of online security; they are not commonly optional, and they protect every single one of your accounts.

Here are a few dos and don’t when creating your passwords.

1. Length

Perhaps one of the most basic tenants of a good password is its length. The shorter a password is, the easier it is for other users to guess.

But outside of that, shorter passwords are also much easier to “crack” by malicious users trying to brute force your password. The best way to avoid these problems is to use the maximum number of characters allowed by a website or service.

To that note, you can also learn just how secure a service is a maximum length allowed. If a website simply wants you to use a 4 digit pin versus a 13 character password, the second is obviously much less likely to be compromised. Be careful: services with poor password requirements may be more subjected to attacks.

2. Varied Characters

Assuming your password is a good length, you’ll also want to use varied character types. This means (and is sometimes required) using capital letters as well as lowercase letters. If a service allows the use of numbers or symbols (such as $ or #), they can also make it more difficult for someone to guess your password.

3. Avoid Common Passwords

As much as it might sound like common sense, many users are guilty of picking passwords that are extremely easy to guess.

That’s because those passwords are based on very simple rules, usually designed to make it easier for the user to remember. For instance, someone might choose their last name and birth year as a password (john73?).

Never use “password” in any form of the password; that includes with caps, numbers, or other variants. Birthdays, social security numbers, pin numbers, and home addresses are also out, as many of those things may be accessed publicly (another reason to be careful what info you share on social media). Supposing you do put together a good password, you should avoid.

4. Reusing Passwords

So now you’ve got 8 different accounts to access; it gets a bit daunting to remember all those passwords, right?

The most common answer to that: use the same password for everything. And no, adding a capital letter or number to your usual password doesn’t count as “changing” the password: Beefcake, beefcake, and Beefcake1 are all going to be similar guesses for someone that’s stolen or figured out your original password (or one variation).

To combat this, keep track of what passwords go to what. This may involve keeping a small booklet, using a service, or coming up with a pneumonic device for remembering the passwords. Just make sure you don’t pop a sticky note on your monitor with all your passwords, as that too can lead to some serious consequences.

5. Use a Passphrase

When all else fails, it may be a good idea to use a passphrase instead of a password. Not only are passphrases more secure (they tend to be longer), but they’re also easier to remember. Remembering a single word, such as billabong, may be harder to remember than 12donutsinadozen.

The main limitation of a passphrase is the restriction on length some services have; however, that also makes it more likely you’ll have to invent a different passphrase for different services (making them that much more secure).

6. Security is Up to You

There are many options for creating a good password, but ultimately security is up to you. Creating a long, complicated password is great: unless you share it. Keyloggers (a form of malware) also exist to track what you are typing (thus allowing someone to steal your password).

If you want to be extra secure, use a VPN service to mask your presence on the internet. A VPN acts as a medium between you and the rest of the internet, submitting requests to websites for you and transmitting the results to an encrypted service.

They’re great for maintaining security over open Wi-Fi networks, so consider that an extra layer of security.

Above all, treat your passwords like anything else important. Safeguard them and keep up with any accounts you may have open to ensure they haven’t been breached by hackers (hello Target). If you do feel your password has been compromised, change it! Remember, no one is more responsible for your security than you.