When creating an account on any website, you'll run into an inevitable dilemma: provide a weak but easy-to-remember password, or a strong password that you're likely to forget.
The rules mentioned in this article will help you practice good password security, and these methods have been tried and tested successfully by many internet users.
The most secure way to create passwords
- Avoid using short passwords.
Use a password with at least 10 characters. The more characters a password has, the longer it will take for hackers to crack it.
- Complicate passwords.
Password strength can be achieved by including upper and lower case letters, numbers, and special characters. The more of them the better.
- Use a password manager.
If you have a lot of passwords (such as website login passwords, bank card passwords, online banking account passwords, etc.), and the passwords are long and difficult to remember, it is recommended to use a powerful password manager to help organize your various login details.
- Create a mnemonic.
If you don't like tools for managing passwords, create memorable phrases that relate to the website or service you use. For example, if you use a VPN service to hide your IP address, to avoid the risks of public Wi-Fi networks, or for various other security considerations, then the sentence "I like to use VPN to protect my money" can be abbreviated to "Il2uNV2pm$$$" and used as a mnemonic for the password. This mnemonic form of password, which includes all four types of characters, is complex, moderately long, and easy to remember.
- Use a passphrase (Diceware method).
While dictionary words are not recommended (see tips for avoiding weak passwords below), creating a combination of 6-7 random words is a great way to protect your account. Still, randomness is key. The human brain is very bad at stringing together truly random words, so the EFF website provides a numbered list of words. For example, combinations like "right zebra fashion ultramarine football work" are extremely difficult to guess because of their length and randomness, but fairly easy to remember.
- Use a password generator.
Use a random password generator to increase password strength by creating strong and unique passwords. With this tool, you can create passwords from 8 to 60 characters and use filters to add or avoid certain characters. Then, just copy the password directly into the password manager.
Simply following these tips will be a huge improvement and instantly increase your password strength. This is especially important for online banking and other financially sensitive websites.
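The Diceware and password-generator tips above, as an added example that is not part of the original article: both methods draw from the operating system's CSPRNG through Python's secrets module, and the entropy figures show how six random words compare with random characters. The one-die word list is constructed from the article's sample passphrase (the real EFF long list has 7776 words keyed by five dice), and the guess rate in years_to_exhaust is an assumed figure.

```python
import math
import secrets
import string

# Constructed one-die word list in the EFF "dice-key<TAB>word" layout, built from
# the six words of the article's sample passphrase. The real EFF long list has
# 7776 entries keyed by five dice (11111-66666); load it from a file in practice.
SAMPLE_LIST = "1\tright\n2\tzebra\n3\tfashion\n4\tultramarine\n5\tfootball\n6\twork\n"
ALPHABET = string.ascii_letters + string.digits + string.punctuation  # 94 symbols

def parse_wordlist(text):
    """Map dice key -> word and check that every possible roll has exactly one word."""
    words = dict(line.split("\t") for line in text.splitlines() if line.strip())
    dice = len(next(iter(words), ""))
    valid = all(len(k) == dice and set(k) <= set("123456") for k in words)
    if not valid or len(words) != 6 ** dice:
        raise ValueError("word list does not cover every dice roll exactly once")
    return words, dice

def roll(dice):
    """One dice key such as "52316", drawn from the OS CSPRNG instead of real dice."""
    return "".join(str(secrets.randbelow(6) + 1) for _ in range(dice))

def diceware(words, dice, n_words=6):
    """Passphrase of n_words independently rolled words."""
    return " ".join(words[roll(dice)] for _ in range(n_words))

def random_password(length=16, alphabet=ALPHABET):
    """Generator-style password: uniformly random characters from the alphabet."""
    return "".join(secrets.choice(alphabet) for _ in range(length))

def entropy_bits(choices, picks):
    """Bits of entropy when each of `picks` symbols is chosen uniformly from `choices`."""
    return picks * math.log2(choices)

def years_to_exhaust(bits, guesses_per_second=1e10):
    """Time to try every candidate; the guess rate is an assumption, not a measurement."""
    return 2 ** bits / guesses_per_second / (365 * 24 * 3600)

if __name__ == "__main__":
    words, dice = parse_wordlist(SAMPLE_LIST)
    print(diceware(words, dice))   # demo only: a 6-word list gives almost no entropy
    print(random_password())
    for label, bits in [("6 words from a 7776-word list", entropy_bits(7776, 6)),
                        ("10 random chars from 94 symbols", entropy_bits(94, 10)),
                        ("16 random chars from 94 symbols", entropy_bits(94, 16))]:
        print(f"{label}: {bits:.1f} bits, ~{years_to_exhaust(bits):.2e} years")
```

The entropy figures hold only when every word or character is chosen at random; a phrase picked by hand from the same list is far easier to guess.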
Avoid weak passwords
Avoid the following in passwords:
- The "name" part of the username;
- The names of friends, family members, or pets, and especially your own name;
- Personal information about family members or yourself. For example, phone number, date of birth, street name, license plate number, house/apartment number, etc.;
- A series of consecutive letters, numbers, or keyboard keys, such as "qwerty", "12345", "abcde", etc.;
- A word or combination of words in a dictionary, such as "blackdog";
- Obvious substitutions, such as "blackd0g", which replaces the letter o with the number 0;
- Blank password.
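The rules in this list can be checked automatically when a password is chosen. The following is an added example, not part of the original article: the tiny dictionary, the keyboard rows, the substitution table, and the reading of the "name" part of a username as the text before the first separator are all assumptions made for illustration.

```python
import re

# Constructed sample data; a real check would load a large dictionary or breached-password list.
DICTIONARY = {"black", "dog", "password", "dragon", "monkey"}
SEQUENCES = ["abcdefghijklmnopqrstuvwxyz", "0123456789",
             "qwertyuiop", "asdfghjkl", "zxcvbnm"]
# Undo the "obvious substitutions" the list warns about (0 -> o and similar).
UNLEET = str.maketrans("0134578@$!", "oieastbasi")

def has_sequence(pw, run=4):
    """True if pw contains `run` consecutive characters of a sequence, forward or reversed."""
    for seq in SEQUENCES:
        for s in (seq, seq[::-1]):
            if any(s[i:i + run] in pw for i in range(len(s) - run + 1)):
                return True
    return False

def is_dictionary_combo(text):
    """True if text splits entirely into dictionary words, e.g. "blackdog"."""
    if not text:
        return False
    ok = [True] + [False] * len(text)      # ok[i]: text[:i] can be segmented
    for i in range(1, len(text) + 1):
        ok[i] = any(ok[j] and text[j:i] in DICTIONARY for j in range(i))
    return ok[-1]

def weaknesses(password, username="", personal=()):
    """Return the rules from the list above that the password breaks."""
    pw = password.lower()
    if not pw:
        return ["blank password"]
    found = []
    if len(pw) < 10:
        found.append("shorter than 10 characters")
    name = re.split(r"[@._+-]", username.lower())[0]
    if len(name) >= 3 and name in pw:
        found.append("contains name part of username")
    if any(len(p) >= 3 and p.lower() in pw for p in personal):
        found.append("contains personal information")
    if has_sequence(pw):
        found.append("contains keyboard or alphabet sequence")
    if is_dictionary_combo(re.sub(r"[^a-z]", "", pw)):
        found.append("dictionary word(s)")
    elif is_dictionary_combo(re.sub(r"[^a-z]", "", pw.translate(UNLEET))):
        found.append("dictionary word(s) with obvious substitution")
    return found
```

Calling weaknesses("blackd0g") reports both the short length and the substituted dictionary words, while the article's mnemonic "Il2uNV2pm$$$" returns an empty list.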
Password common sense
Creating strong passwords is critical, but it's only the first step in improving your security. The way you manage your passwords is even more important. Often, people know the key rules, but somehow, tend to ignore them. The following list will help you keep your private information safe.
- Create a unique password each time.
When you change the password for any account, it should not be the same as any previous password. Oh, and don't even think about setting the same password on different websites. Although it's tempting, try to resist and create unique passwords for each account.
- Change passwords for all existing accounts at least every 6 months.
Since passwords are of fixed length, brute force attacks to crack passwords will always succeed given enough processing power and time. Therefore, regular password changes are strongly recommended. Set a calendar reminder to change your password every 6 months.
- Do not share your password with anyone.
This includes your family and friends. Also, never send an email with your password in the text. Sometimes hackers impersonate a customer support agent to send emails and ask for your username and password. Legitimate organizations or websites will never ask for your username and password via email.
- If your password is compromised, change it immediately.
Even if you just suspect someone may have stolen your password, change it immediately. Every minute counts.
- Do not use the "remember password" browser option without setting a master password.
If you don't set a master password in your browser, anyone using it can see the stored passwords in plain text.
- Avoid entering passwords on other people's devices. This is especially important for bank websites and business accounts.
It is a common practice for hackers to log all keystrokes, which allows them to see everything you type, including your login information.