We may earn affiliate commissions for the recommended products. Learn more.

How to create a strong password in 2025


Sensitive online data, especially passwords, requires robust protection. However, many users still rely on easily memorable but weak passwords. The misconception that strong passwords must be inconvenient and hard to remember only increases the vulnerability of online accounts.

There are several effective ways to create strong, unique passwords – such as using password generators or avoiding personal information in your passwords. In this guide, I highlight common weaknesses in password choices and provide practical tips to help you strengthen your online security with tough, hard-to-guess passwords

This article serves as a comprehensive resource for creating strong passwords, ensuring top-notch protection against potential cyberthreats.

Create unbreakable passwords with 1Password
1Password is one of the most secure password managers with cross-platform functionality, a powerful password generator to create a strong password, and uncrackable encryption to share your files securely. There's a 14-day free trial to try out the password manager risk-free.
cybernews® score
4.8 /5

What is a strong password?

A strong password is one you can’t guess or crack using a brute force attack. Progress in the technological sphere leads to improvements in malicious hacker’s arsenals, too. Therefore, strong passwords consist of a combination of uppercase and lowercase letters, numbers, and special symbols, such as punctuation. They should be at least 12 characters long or even lengthier.

Here are the main characteristics of a secure and strong password:

  • At least 12 characters long or more
  • Combination of uppercase and lowercase letters, numbers, and symbols
  • Not a familiar name, person, character, or product
  • Is not based on your personal information
  • Passwords are unique for each account you have
  • Significantly different from your previously used passwords

When you’re setting up an online account, there’ll often be prompts reminding you to include numbers or a certain number of characters. Some may even prevent you from setting a weak password, which is usually one word or number combination that’s easy to guess.

But even if you aren’t reminded to set a strong password, it’s imperative to do so whenever you’re setting up a new online account or changing passwords for any existing account.

How to create a strong password – 6 steps

There are numerous tools you can employ to create unique and strong passwords for each of your online accounts. The Cybernews team has a ready-made password generator tool that generates unique and almost impossible-to-crack passwords. Alternatively, you should follow my top tips and ideas on how to set up a good and strong password:

1. Use a password generator for strong passwords

If you don’t have time to come up with your passwords, a password generator is the perfect tool that can suggest a strong password quickly and easily. Our in-house secure password generator will create a sequence of random characters. Copy and use it as a password for your device, email, social media account, or anything else that requires private access.

Some password creation tools also include hints on how to remember a particular password. For example, the output:

K4k'F@F#>v_[2.z>

Is accompanied by the following clue:

KOREAN 4 korean ' FRUIT @ FRUIT # > visa _ [ 2 . zip >

Alternatively, many reliable password managers also implement password manager tools, so you can get a two-in-one service, which can help to not only generate passwords but keep them secure, too.

2. Create a strong passphrase

Passphrases are much more secure than passwords because they’re typically longer, making them more challenging to guess or brute force. So, instead of choosing a word, pick a phrase and take the first letters, numbers, and punctuation from that phrase to make a good password.

There are no specific rules on how to create a strong passphrase because everyone’s preferences vary. Ideally, it should be something unique only you could come up with and remember. Here are some examples of how you can use the passphrase method to create strong passwords:

PhrasePassword
I first went to Disneyland when I was 4 years old and it made me happyI1stw2DLwIw8yrs&immJ
My friend Matt ate six doughnuts at the bakery café and it cost him £10MfMa6d@tbc&ich£10
For the first time ever, Manchester United lost 5:0 to Manchester City4da1sttymevaMU5:02MC

Note: Don’t use common phrases, because these are vulnerable to dictionary attacks – random combinations are what you want.

3. Opt for a more secure version of the dictionary method

A popular method for choosing a password is to open a dictionary or book and choose a random word. However, a single word is quite easy for a threat actor to guess, so it is best to choose a few words and string them together with numbers and symbols to make a strong password.

Here are some examples of good password ideas created with this method:

Words from the dictionarySecure password
Jigsaw, quest, trait, forkJigsaw%Quest7trait/fork48
Glimpse, stuff, prize, koalaG1impse$tuff74Prize8Koala!
Trombone, fish, quick, upsideTr0mb0ne&Fish?Qu1ck^side

4. Play around with phrases and quotes

If you want a password that’s difficult for others to guess, but easy for you to remember, it can be a good idea to use a variation on a meaningful phrase or quote. Simply take a phrase you’ll remember and swap out some of the letters for numbers and symbols.

Here are some examples of strong password ideas generated with this method:

Quote or phraseSecure password
“One for all and all for one”: The Three Musketeers14A&A413Mu$keteers!
“For the first time in forever”: Disney’s Frozen4da1stTymein4eva-Frozen
“Twinkle twinkle little star, how I wonder what you are”: nursery rhymeTW1nkle7ittle*how1??UR

5. Use emoticons

If you want to add symbols to your passwords without making them harder to remember, you can always use emoticons.

Although you won’t be able to add in emojis, you can use emoticons, which are coded versions, usually made up of punctuation, letters, and/or numbers.

Here are some emoticons that you can use in your passwords:

emoticons for passwords

6. Customize your passwords for specific accounts

Once you’ve come up with a strong password that you can remember, you’ll still have to create different passwords for each of your online accounts. But, rather than starting the whole process again, you could simply add a different code to your password for each online account.

So, for example, if your password was cHb1%pXAuFP8 and you wanted to make it unique for your eBay account, you could add £bay on the end so you know it’s different from your original password but still memorable.

Here’s how that could work:

Online accountPassword with added code
EmailcHb1%pXAuFP8EMa1l
AmazoncHb1%pXAuFP8AZN
eBaycHb1%pXAuFP8£Bay

Strong password examples

Here are 4 really strong password examples:

  • X5j13$#eCM1cG@Kdc
  • %j8kr^Zfpr!Kf#ZjnGb$
  • PkxgbEM%@hdBnub4T
  • vUUN7E@!2v5TtJSyZ

As you can see, these passwords are pretty random and meaningless at first glance. While this makes them hard to memorize, they're also much more challenging for malicious hackers to crack. These passwords are strong because they are 15 characters long or even longer. Generally, all characters are in random order and contain both uppercase and lowercase letters and special characters, as well as numbers. They also don’t have any memorable keypaths or personal information that could help identify the password quicker.

How to keep your strong passwords secure

Now that you’ve set up a strong password for each of your online accounts, the next step is to keep them safe and secure from hackers or other cyberthreats. Here are some of our top tips for password safety:

  • Choose a secure password manager. Use a reputable password manager to generate and store complex passwords securely. Password managers encrypt your passwords and provide easy access.
  • Enable two-factor authentication. Implement two-factor authentication (2FA) whenever possible. This adds an extra layer of security by requiring a second form of verification.
  • Don’t save your passwords locally. Avoid saving passwords in browsers or locally on your devices. If your device is lost or compromised, locally saved passwords can be easily accessed by unauthorized individuals.
  • Check if your email has been leaked. Regularly check if your email address has been involved in any data breaches. If your email is compromised, change your password immediately and update it across other accounts.
  • Do not reuse passwords. Avoid using the same password across multiple accounts. If one account is compromised, using unique passwords ensures that other accounts remain secure.
  • Avoid personal information. Refrain from using easily accessible personal information such as your name, birthdate, or common words related to you. Hackers often use information readily available online to guess passwords.

The impact of data breaches on password security

Data breaches can expose sensitive information, including usernames, passwords, and other personal details. Even if you use strong, unique passwords, a breach of a service or website you use may lead to your credentials being stolen and exploited by cybercriminals. If your information is exposed in a breach, it’s critical to change your password immediately, not only on that service but across any other accounts where you may have reused the same password.

Many online platforms offer services that notify you when your data has been breached, which makes it easier for you to act quickly and mitigate damage. For maximum security, monitor your accounts regularly and be proactive about updating passwords when necessary.

You can also sign up for services like Have I Been Pwned to receive notifications if your email or account is found in a data breach. This allows you to take swift action and minimize any potential damage to your online security.

Conclusion

Passwords are like the lock on your apartment door – they're the one thing criminals have to go through if you're not home. Having a weak password is like a weak lock. It greatly increases the number of people who have the means to access your accounts.

Using all the tricks in this article to create strong, memorable passwords is a good place to start increasing your security. Alternatively, get a strong password manager like 1Password and generate all your passwords automatically - that way, you won't have to remember any of them.

Whichever course you decide to take, don't put it off! Data leaks and breaches happen every day, and the next one could have your password in it.

FAQ

Comments

JJC
prefix 4 months ago
Thanks for the demonstration of how to create a new password
Janine
prefix 3 years ago
I wana know how a sequence of characters composed of letters and at least 6 digits look like ??
Rishi Pal Malik
prefix 3 years ago
I lost my device Oppo A52020 last year June 23 2020 some one else is using this device as well all my gmail account Facebook whatsapp etc therefore I want to make my strong password
clowns
prefix 3 years ago
I first went to Disneyland when I was 4 years old and it made me happy => I1stw2DLwIw8yrs&immJ.
?!
8r@V0!
Jocelynn
prefix 3 years ago
is my name a stroung password?
George
prefix 8 months ago
No. You should never have personal information in your password, such as your name, your children's names, your birthday, or your address. It is too easy to guess your password if it is based on information about you.
Petr Stanicek
prefix 3 years ago
Why do you still recommend using special chars and unredable passwords, it’s so obsolete. Using set of like 80 characters (small/capital letters, numbers, special chars) doesn’t make a password much stronger, the length does. In fact, 2 more characters in password make a password much more stronger than tripling the size of character set base. Password like “cHb1%pXAuFP8” is extremely vulnerable to the human memory factor – you will easily forget it (you may remember the core phrase, but you forget the exact “L33t” form). On the contrary, a password like “Twinkle twinkle pingustarr” is by many many many orders stronger and absolutely unbreakable by a brute force (if the attacker has no hint). Just because it’s much longer and salted by a personal phrase out of any dictionary. And it’s perfectly rememberable though… This should be the right strategy: use as long password as you can. To remember it easily, use normal words. And to avoid dictionary attack, add something special. An intentional typo, a nonsense, a small chunk of random letters, something not obvious. That’s enough. “hello world” is too short and too obvious. “hello brave new world” is long enough, but easily breakable by a dictionary attack. But “hello brave newbabooon” is pretty strong, technically unbreakable password.
Monero
prefix 3 years ago
Interesting website about different aspects of using passwords:
https://passwordbits.com/
Tracy jones
prefix 3 years ago
Ny emMsil is in this data breach thank u
Irine Singh
prefix 4 years ago
For example some time need to do new training, new applications job or other things. some time ask for 1 upper case, lower case,special character ,8 characters
mitta toebay
prefix 4 years ago
The article is not “wrong” per se, but it is fraught with complications and not as secure as the MATH would indicate.
https://protonmail.com/blog/protonmail-com-blog-password-vs-passphrase/
Mrs JAIPRIYA SHARMA
prefix 4 years ago
Thanks for the demonstration of how, to create a new password pa’s soon as possible.
Leave a Reply

Your email address will not be published. Required fields are markedmarked