Making Your Password as Strong as Possible
Table of contents
- How a password can be hacked
- The dictionary attack
- The brute force attack
- How to create secure passwords
- Avoid common substitutions
- Keep it long
- Use a mix of characters
- Use a password generator
- Unique passwords
- Advanced tips for password safety
- The passphrase method
- The sentence method
- The association method
- The keyboard method
- Passwords to avoid: The 10 worst passwords of 2021
- Other ways to stay safe online
- What’s a unique password?
- Why is password security important?
- What is the most secure password?
- How secure is my password?
- Does changing your password stop hackers?
What is the most secure password?
One that’s not easy but not too complicated, personal but not too personal, long but not too long.
Yes, creating secure and unique passwords is tricky. But Clario is here to help.
Do you use the same password for all your accounts? If the answer is yes, then do you still think it’s secure because it looks like this: Dj7u-30P-R38#w8? This might seem correct but isn’t always the case. Don’t worry if you’re confused. This article will teach you how to create really strong passwords to keep your personal details secure
How a password can be hacked
Believe it or not, cybercriminals are some of the most creative people on the planet who are constantly coming up with clever ways to steal your personal data, including your passwords. Here are some popular ways hackers try to get hold of your personal details.
This is when hackers “phish” or bait you into sharing passwords through emails, text messages, or even voice calls that look like they’re from legit companies (such as your bank or credit card provider).
The dictionary attack
Cybercriminals can resort to an index of words or a dictionary to find your password. Typically, hackers have a list of the most common passwords they use to try and hack into online accounts.
The brute force attack
Similarly to the dictionary attack, hackers use non-indexed words and alpha-numeric combinations as part of a brute force attack to figure out your password.
Hackers trick you into installing malicious software on your computer when you accidentally download a suspicious attachment. They will then be able to remotely control your device or install malware that gathers passwords as you type them.
If your hacker is an annoyed sibling or a mischievous colleague, they might only go as far as changing your profile picture or posting something embarrassing using your account. But real cybercriminals aren't as friendly. Password security is very important since it can save you from:
- Identity theft. Hackers pick up details of your personal life that they use to steal your identity or impersonate you to apply for loans, credit cards, and more.
- Compromised privacy. By figuring out your passwords, hackers can access important files and other information stored in your online accounts, and compromise your online privacy.
- Account ransom. Once scammers hack into your account, they can hold it or your device "hostage" by encrypting your files until you pay a ransom. And when you do, they will then send you a decryption key to re-access these accounts or files. Provided that they were even planning to give you your files back, of course.
These are just some of the reasons why creating a strong and secure password should be at the top of your priority list.
How to create secure passwords
Now you know how passwords are hacked and what hackers can do with your personal information, you might be wondering, "How can I create strong passwords to outsmart them?"
Here’s the ultimate list of tips from tech journalists and cybersecurity experts. They’re in the know as they’ve been studying what makes a strong password for years.
Avoid common substitutions
Hackers are wise to the usual substitutions used in passwords. So, whether you use “BOOKWORM” or “B00KW0RM”, the brute force attacker will crack it with ease. Replacing O with 0 isn’t going to make your password any stronger. Instead, try to cram random characters in it.
Keep it long
When it comes to creating strong passwords, length matters. Computer security experts recommend opting for passwords 12 characters or longer. For future-proofing, you can even make it 20+ characters long. The rule of thumb is to use additional symbols in your passwords as this significantly increases the number of possible combinations and makes it harder to crack.
Use a mix of characters
A safe password should be difficult for someone to crack or even guess. So, steer clear from using generic ones, like “password” or “12345”. These two are among the most popular password choices in the world, and also among the least useful.
It’s a good idea to include numbers, punctuations, symbols, uppercase and lowercase letters in your password to make it extra difficult to decipher. For instance, “ThI$pswrDs10xUnCrcKble” is much more difficult to guess than “password123”.
Use a password generator
If you’re struggling to come up with strong passwords on your own, using a password generator is a quick and easy way to get a unique and strong password. With a single click, this tool generates completely random passwords. You can then choose one and tweak it or simply copy and use it as a password for your device or account.
Once you’ve created a strong password, it might be tempting to use the same password for all your online accounts. Don’t! By doing so, you’re setting yourself up for danger in the form of multiple attacks. If a hacker manages to figure out your password, they could then access every account that uses it.
Advanced tips for password safety
Just like there are basic methods to create a strong password, there are additional tips for advanced users. The expert-recommended methods below will help you with some good password ideas.
The passphrase method
This is one of the best ways to create secure passwords that are easy to memorize. You pick a phrase instead of a word, then take the numbers, first letters, and punctuation from that phrase to come up with a random combination of characters. For instance, the phrase ”I first went to an amusement park when I was five years old, and it made me happy” can be turned into the password ”I1stw2APwIw5yrs&immH”.
The more random the words you include in your passphrase, the stronger the password will be. Plus, passwords created using this method are typically longer, making it more difficult to guess or brute force them.
The sentence method
Also known as the Bruce Schneier method, the sentence method involves coming up with a random sentence and transforming it into a password using a rule. For example, if you take the first two letters of every word in the sentence “Marian’s sell my favorite vanilla tarts in all of New York", you’ll get “MasemyfavatainalofNeYo”.
To others, it might be gibberish, but to you, it makes perfect sense. Just make sure you choose a sentence that’s not too personal or easy to guess.
The association method
In this method, you use phrases that mean something to you or you associate with a specific type of website. For instance, “sugar, spice, and everything nice” might make a password for a social media site that’s all about good vibes and friends. You can also use a phrase about money as a password to your banking website.
The keyboard method
Most computer keyboards are made of anywhere between 101 to 105 keys. So, you have ample options for creating a unique password. Use symbols to craft smiley faces and emoticons to instantly make your password stronger. Play around with numbers, make shapes using letters – consider the keyboard as your canvas.
Passwords to avoid: The 10 worst passwords of 2021
Humans are creatures of habit, and unfortunately, this is what makes our passwords predictable. We often use our birthdays, anniversaries, names of our pets, favorite foods, or sports as our passwords. But we often forget that these pieces of information are usually publicly available and can easily be guessed.
"Soccer56," Tiger42," "Dragon00," and "basketball429" are all terrible ideas for a strong password. So are names like Jennifer, Charlie, Samantha, Michelle, Thomas, Jordan, Maggie, and Maria. These are common names, and using them as passwords makes them easily hackable.
Here’s a list of the top 10 worst passwords of 2021:
As you can see from the list, these passwords are all short and follow easily discernible patterns.
Other ways to stay safe online
Apart from creating secure passwords for all your accounts, there are other best practices for boosting your digital security.
- Use a VPN. While passwords keep unauthorized users from accessing your accounts, Internet Service Providers (ISPs) can still track your online activity and your devices’ IP addresses. Connect to a verified VPN (Virtual Private Network) to keep your web activity and the IP addresses hidden.
- Install a home security system. Home security systems are an excellent way to protect your home and family.
- Get identity theft protection. Though a strong password can secure your online account, it still falls short in protecting your personally identifiable information (PII) from identity theft. So, we recommend using top identity theft protection software.
- Use antivirus software. Antivirus software scans your phones, computers, and tablets for viruses, malware, ransomware, spyware, and other cyberthreats.
- Use a password manager. Password managers help you store usernames and passwords in encrypted vaults, allowing you to log into your accounts with just master passwords or biometrics.
What’s a unique password?
A unique password is only used for a single account. By creating a unique password for different accounts, you prevent hackers from accessing other accounts even if they manage to figure out one of your passwords.
Why is password security important?
Passwords represent the first line of defense against unauthorized access to your personal information and computer. The stronger your password is, the more secure your information will be from hackers and malicious software.
What is the most secure password?
The most secure passwords include 12 characters or more. Those with random numbers, symbols, uppercase, and lowercase letters are the hardest to crack.
How secure is my password?
Some websites tell you whether your password is weak or strong when you’re setting up an account. If your password is more than 12 characters long, contains numbers/characters/uppercase and lowercase letters, and is based on a phrase that only makes sense to you, you should be fine. There are also websites to help you check your password strength.
Does changing your password stop hackers?
Yes, changing passwords prevents hackers from accessing your account. Updating your password at the first signs of an attack can limit the damage. Changing your password regularly is also an excellent habit for improved security.