Creating a strong password is a critical step to protecting yourself online. In fact, passwords are the first line of defense against cybercriminals and data breaches.
All passwords, regardless of what accounts they protect, should be created with these three guiding principles in mind:
- Long – Every one of your passwords should be at least 12 characters long.
- Unique – Each account needs to be protected with its own unique password and it is important to never reuse passwords. This way, if one of your accounts is compromised, your other accounts remain secured.
- Complex – Each unique password should be a combination of uppercase letters, lowercase letters, numbers and special characters.
Using long, complex passwords is one of the easiest ways to defend yourself from cybercrime.
Other simple tips when creating strong passwords:
- Don’t make passwords easy to guess. The more guessable a password is, the easier it is for cybercriminals to hack your account.
- Avoid using common words. Substitute letters with punctuation marks or other special characters. (Example- replace the letter “A” with the @ symbol, or the letter “I” with an exclamation mark “!”.
- Get creative. Use phonetic replacements, such as “PH” instead of “F”, or make deliberate, but obvious misspellings such as “enjin” instead of “engine”.
- Double your login protection. If available, enable multi-factor authentication (MFA) with your password to ensure only you have access to your own account.
- Utilize password managers to remember passwords. This is the most secure and effective way to store all your unique passwords.
Creating Passwords Tip Sheet, CISA.
Passwords Securing Accounts, National Cybersecurity Alliance.