© 2021 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

How to create a good and strong password

9

We all got a lot of sensitive data stored on our online accounts that we want to keep secure. However, most of it is protected by pretty weak passwords. Creating a really strong password should do the job. But, as we all know, it’s a fine line between choosing a password that no one else will be able to guess and one that’s easy for you to remember.

Luckily, there are loads of ways and ideas to create strong passwords, such as using a unique password generator tool. Here, we’ll walk you through our tips and tricks for choosing and setting up secure passwords for your online accounts. And we’ll share some of our favorite methods for keeping your passwords safe and ways of making sure you don’t have to hit the “Forgotten password” link ever again.

Secure & intuitive - best for new users
NordPass is the password manager to choose if you value security and ease of use. Get it now at up to 70% off!
Save 70%
$ 1.49 /mo
$4.99/mo
30-days money-back guarantee

What is a strong password?

A strong password is one you can’t guess or crack using a brute force attack. Hackers use computers to try various combinations of letters, numbers, and symbols in search of the right password. Modern computers can crack short passwords consisting of only letters and numbers in mere moments.

As such, strong passwords consist of a combination of uppercase and lowercase letters, numbers and special symbols, such as punctuation. They should be at least 12 characters long, although we’d recommend going for one that’s even longer.

Overall, here are the main characteristics of a good, secure password:

  • Is at least 12 characters long. The longer your password is - the better.
  • Uses uppercase and lowercase letters, numbers and special symbols. Passwords that consist of mixed characters are harder to crack.
  • Doesn't contain memorable keyboard paths.
  • Is not based on your personal information.
  • Password is unique for each account you have.

When you’re setting up an online account, there’ll often be prompts reminding you to include numbers or a certain number of characters. Some may even prevent you from setting a “weak password”, which is usually one word or number combination that’s easy to guess.

But even if you don’t get reminded to set a strong password, it’s really important to do so whenever you’re setting up a new online account or changing passwords for any existing account.

A long password is a good password

When it comes to password security, length really does matter. We recommend opting for a password that’s at least 12 characters long, even longer if you can.

Each additional symbol in a password exponentially increases the number of possible combinations. This makes passwords over a certain length essentially uncrackable, assuming you’re not using common phrases.

A strong password isn’t obvious

A good password needs to be something that’s really difficult for someone else to guess or crack, so don’t go for anything really generic, like “password” or “12345”. The latter two choices are still among the most popular passwords in the world, and they’re also among the least useful.

Good passwords can’t contain memorable keyboard paths

Don’t use sequential keyboard paths, like “qwerty”, as hackers are likely to crack these. If you spent no effort in thinking of a good password, the chances are the hackers won’t need much effort to crack it.

Password strength isn’t personal

It’s really important that you don’t use anything personal to you, like a nickname, your date of birth or your pet’s name. This is information that’s really easy for a hacker to find out simply by looking at your social media, finding your online work profile or even just by listening in on a conversation you’re having with someone else.

A good password should be unique

Once you’ve created a strong password, you might well be tempted to use that password for all your online accounts. But, if you do that, it leaves you more vulnerable to multiple attacks.

After all, if a hacker manages to discover your password, they’ll then be able to login to every account you use that password for, which might include your emails, your social media and your work accounts.

A lot of people use the same password for everything because it’s easier to remember. But don’t worry because we’ve got loads of tips and tricks to help you manage multiple passwords a bit further down.

Avoid past passwords

It’s also really important to make sure you don’t recycle your passwords, particularly if they’ve been hacked before. This may seem obvious, but once you’ve used a password, you shouldn’t reuse it. Even if you haven’t used it for years, it’s best to come up with a new one. Especially if you’ve had issues with a password being hacked in the past.

Best password managers

Special characters in passwords

Although using special characters in your passwords is a really good way of making them extra secure, not all online accounts allow you to use any symbol you like. But most will allow you to use the following:

symbols you can use in passwords

Good password examples

Here are some good examples of strong passwords:

They all consist of a seemingly random and long (more that 15 characters) collection of uppercase and lowercase letters, numbers and special characters. These passwords are not generic, and don't contain any memorable keypaths or personal information which hackers could use.

Ideas for creating a good password

Luckily, there are loads of things you can do to create unique and strong passwords for each of your online accounts. We have a ready-made password generator tool that generates unique and almost impossible to crack passwords. Alternatively, you should follow our top tips and ideas on how to setup a good password:

Use a password generator

If you don’t have time to come up with your own strong passwords, a password generator is a really quick and easy way to get a unique and strong password. Our own secure password generator will create a sequence of random characters. Copy and use it as a password for your device, email, social media account, or anything else that requires private access.

Choose a passphrase rather than a password

Passphrases are much more secure than passwords because they’re typically longer, making them more difficult to guess or brute force. So instead of choosing a word, pick a phrase and take the first letters, numbers and punctuation from that phrase to generate a seemingly random combination of characters. You can even substitute the first letter of a word with a number or symbol to make it even more secure. Or try swapping out words for punctuation like we used to back in the days of text slang, if you can remember back that far.

Here are some examples of how you can use the passphrase method to create strong passwords:

PhrasePassword
I first went to Disneyland when I was 4 years old and it made me happyI1stw2DLwIw8yrs&immJ
My friend Matt ate six doughnuts at the bakery café and it cost him £10[email protected]&ich£10
For the first time ever, Manchester United lost 5:0 to Manchester City4da1sttymevaMU5:02MC

Note: don’t use common phrases, because these are vulnerable to dictionary attacks – random combinations are what you want.

Opt for a more secure version of dictionary method

A popular method for choosing a password is to open a dictionary or book and choose a random word. But, as random as it may seem to you, a single word is actually quite easy for a hacker to guess.

So rather than opting for just one word from the dictionary, choose a few and string them together along with numbers and symbols to make it much trickier for someone to figure out.

Here are some examples of good password ideas created with this method:

Words from the dictionarySecure password
Jigsaw, quest, trait, forkJigsaw%Quest7trait/fork48
Glimpse, stuff, prize, koalaG1impse$tuff74Prize8Koala!
Trombone, fish, quick, upsideTr0mb0ne&Fish?Qu1ck^side

Play around with phrases and quotes

If you want a password that’s difficult for others to guess, but easy for you to remember, it can be a good idea to use a variation on a meaningful phrase or quote. Simply take a phrase you’ll remember and swap out some of the letters for numbers and symbols.

Here are some examples of strong password ideas generated with this method:

Quote or phraseSecure password
“One for all and all for one”: The Three Musketeers14A&A413Mu$keteers!
“For the first time in forever”: Disney’s Frozen4da1stTymein4eva-Frozen
“Twinkle twinkle little star, how I wonder what you are”: nursery rhymeTW1nkle7ittle*how1??UR

Use emoticons

If you want to add symbols to your passwords without making them harder to remember, you can always use emoticons.

Although you won’t be able to add in emoji, you can use emoticons, which are the coded versions, usually made up of punctuation, letters and/or numbers.

Here are some emoticons that you can use in your passwords:

emoticons for passwords

Customise your passwords for specific accounts

Once you’ve come up with a strong password that you can remember, you’ll still have to create different passwords for each of your online accounts. But, rather than starting the whole process again, you could simply add a different code into your password for each online account.

So, for example, if your password was cHb1%pXAuFP8 and you wanted to make it unique for your eBay account, you could add £bay on the end so you know it’s different to your original password but still memorable.

Here’s how that could work:

Online accountPassword with added code
EmailcHb1%pXAuFP8EMa1l
AmazoncHb1%pXAuFP8AZN
eBaycHb1%pXAuFP8£Bay

Commit your password to muscle memory

If you want to remember your password, it can be a good idea to practise typing it several times over. Eventually, if you type it correctly enough times, you’ll develop a muscle memory that’ll mean it’s much easier for you to remember.

How to keep your passwords safe

Now that you’ve set up a strong password for each of your online accounts, the next step is to keep them safe and secure from hackers.

Here are some of our top tips on how to do that:

Choose a good password manager

Benefits of using a password manager

Whether you’ve generated your own strong passwords or you’re looking for an online service to do it for you, we strongly recommend using a good password manager. A secure password manager generates, stores and manages all your passwords in one safe online account. This is really useful because it allows you to use as many unique passwords as you like without ever having to worry about memorising them.

All you need to do is save all your passwords for every online account you have on your password manager and then protect them with one “master password”. This means you only have to remember one strong password as opposed to every single one.

Once you’ve got your password manager set up, whenever you go to login to one of your online accounts, you simply type your master password into your password manager and it’ll auto-fill in your login details for this account. You don’t even need to remember which email address or username you used. A secure password manager will fill all this in for you. Here are some of the best password managers in 2021.

CyberNews pro tip

It may seem insecure to keep all your passwords in one place. However, the encrypted vault of a reliable password manager is the most secure place you can store your account credentials. Such services never keep your vault's master password, so even breaching the database will keep you safe from harm. There are lots of great password manager tools out there, but we recommend NordPass for its intuitive design and cutting-edge encryption.

Get NordPass now

Use two-factor authentication

Even if someone does manage to steal your password, you can still prevent them from accessing your account by adding in an additional layer of security with two-factor authentication (2FA). This means that anyone trying to login to your account will have to enter a second piece of information after the correct password. This is usually a one-time code that’ll be sent directly to you.

Sometimes this will be sent to you via text message, although this isn’t necessarily the most secure way of receiving that code. After all, a hacker could steal your mobile number through SIM swap fraud and access your verification code.

We’ve found it’s much safer to use a two-factor authentication app instead, as they’re much trickier to intercept. Our favourites include:

  • Google Authenticator
  • Microsoft Authenticator
  • Authy

Don’t save your passwords on your phone, tablet or PC

This may sound obvious but you must avoid saving any of your passwords in a document, email, online note or anything else that could be hacked.

Check if your email has been leaked

Of course, it’s really important to keep on top of any data breaches that may have occurred, particularly with your email account.

But how do you know if your email has been leaked? Well, we have an online personal data leak checker, which will let you know if anything like this has happened to your email account. All you need to do is enter your email address and we’ll be able to tell you if anything has happened to it.

Don’t give out your password

Last but not least, it’s really important to keep your passwords private. Even if you completely trust the person you’re giving your password to, it’s risky to send a password via text message or email in case anyone intercepts it. Even if all you’re doing is reading it out over the phone or spelling it out to the person sat next to you, there could be someone listening in and making notes.

Conclusion: so how do I make all my passwords hacker-proof?

Passwords are like the lock on your apartment door – they're the one thing criminals have to go through if you're not home. Having a weak password is like a weak lock. It greatly increases the number of people who have the means to access your accounts.

Using all the tricks in this article to create strong, memorable passwords is a good place to start increasing your security. Alternatively, get a strong password manager like NordPass and generate all your passwords automatically - that way, you won't have to remember any of them.

Whichever course you decide to take, don't put it off! Data leaks and breaches happen every day, and the next one could have your password in it.

Comments
Rishi Pal Malik
Rishi Pal Malik
prefix 2 months ago
I lost my device Oppo A52020 last year June 23 2020 some one else is using this device as well all my gmail account Facebook whatsapp etc therefore I want to make my strong password
clowns
clowns
prefix 4 months ago
I first went to Disneyland when I was 4 years old and it made me happy => I1stw2DLwIw8yrs&immJ.
?!
[email protected]!
Jocelynn
Jocelynn
prefix 7 months ago
is my name a stroung password?
Petr Stanicek
Petr Stanicek
prefix 7 months ago
Why do you still recommend using special chars and unredable passwords, it’s so obsolete. Using set of like 80 characters (small/capital letters, numbers, special chars) doesn’t make a password much stronger, the length does. In fact, 2 more characters in password make a password much more stronger than tripling the size of character set base. Password like “cHb1%pXAuFP8” is extremely vulnerable to the human memory factor – you will easily forget it (you may remember the core phrase, but you forget the exact “L33t” form). On the contrary, a password like “Twinkle twinkle pingustarr” is by many many many orders stronger and absolutely unbreakable by a brute force (if the attacker has no hint). Just because it’s much longer and salted by a personal phrase out of any dictionary. And it’s perfectly rememberable though… This should be the right strategy: use as long password as you can. To remember it easily, use normal words. And to avoid dictionary attack, add something special. An intentional typo, a nonsense, a small chunk of random letters, something not obvious. That’s enough. “hello world” is too short and too obvious. “hello brave new world” is long enough, but easily breakable by a dictionary attack. But “hello brave newbabooon” is pretty strong, technically unbreakable password.
Monero
Monero
prefix 7 months ago
Interesting website about different aspects of using passwords:
https://passwordbits.com/
Tracy jones
Tracy jones
prefix 8 months ago
Ny emMsil is in this data breach thank u
Irine Singh
Irine Singh
prefix 9 months ago
For example some time need to do new training, new applications job or other things. some time ask for 1 upper case, lower case,special character ,8 characters
mitta toebay
mitta toebay
prefix 9 months ago
The article is not “wrong” per se, but it is fraught with complications and not as secure as the MATH would indicate.
https://protonmail.com/blog/protonmail-com-blog-password-vs-passphrase/
Mrs JAIPRIYA SHARMA
Mrs JAIPRIYA SHARMA
prefix 10 months ago
Thanks for the demonstration of how, to create a new password pa’s soon as possible.
Leave a Reply

Your email address will not be published. Required fields are marked