The Ultimate Guide to Password Security



As the world gets increasingly digital, the importance of a strong password keeps growing. Cybersecurity threats and data breaches are getting more and more common. Yet, in a world where almost every site needs an account, how do you even track your passwords, let alone create a safe, secure password that no one can crack? Today we take a look at everything you need to know about password security.

Why Passwords Help Avert Cyberattacks

When you use easy passwords, you leave yourself open to account hacking, and it’s also more likely your information can be stolen. Frightening numbers of people use a password that appears on lists of common passwords. Hackers use automated programs to try to “match” passwords to accounts, so you can imagine how simple it is for them if you’re not even trying to maintain password security.

Keeping Passwords Secure

We’ve all heard scary stories about writing down our passwords. And sure, if you have your banking details on a post-it note attached to your PC screen, expect trouble. But no cyberattacker can reach into your desk drawer and grab your password notes.

However, most of us are guilty of much worse password storage habits. We leave them in plain text files on our desktop, helpfully labeled “passwords”. Or we save them to our devices without even a single layer of security.

Encrypted password managers allow you to securely store and even generate passwords, without them being visible to the eye. AES 256-bit encryption, the level used by banks and militaries across the world, is near impossible to crack, so even if a password manager’s data is breached, the attackers can do nothing with it.

Additionally, it becomes much easier to use a different password across sites when you don’t have to remember it letter by letter, encouraging better security habits too. Of course, it’s best to have either an online storage option, or a backup of the data, in case of device loss. Otherwise, you’d have to start from scratch.

Lastly, be aware of social phishing. We give away tons of our personal information without a thought on social media, from when we are vacationing to spouse’s names, pet names, what we drive and our favorite foods. Many of the fun “free” games and challenges we see online are aimed at getting us to give up even more of this information to third parties. Armed with this, hackers can guess at passwords, respond correctly to security questions, and breach your data with all the juicy information you handed them without thinking twice.


Embracing Two-Factor Authentication

Also called 2FA, two-factor authentication adds another layer of security to your accounts. Once your password is correctly entered, the app or platform sends a code to your mobile device for you to input.

With this additional step in place, it’s much more difficult for a hacker to get access to your data as they need the second, always-changing, code, too.

Creating a Strong Password

What does a strong password look like? It goes without saying that you should avoid common words, names, and phrases. Likewise, easily guessed information (birthdays, children’s or spouse’s names, and so on) is best avoided. In fact, the more random you can make this password, the better.

It’s good to use all types of characters: uppercase, lowercase, numbers, and symbols in a mix. This makes random guesses a lot harder, reducing the likelihood of brute-force attacks working. Each password should also be at least 8 characters long. Again, this makes algorithm-based brute-force attacks a lot more difficult, as they take longer and longer to find a match.
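The rules in this section written as a checker, as an added example that is not part of the original article. The common-password set is a small constructed sample, and the function names are hypothetical.

```python
import math
import secrets
import string

# Constructed sample; a real check would load a full list of common passwords.
COMMON_PASSWORDS = {"123456", "password", "qwerty", "letmein", "iloveyou"}
CLASSES = {
    "lowercase": string.ascii_lowercase,
    "uppercase": string.ascii_uppercase,
    "digit": string.digits,
    "symbol": string.punctuation,
}
MIN_LENGTH = 8  # minimum length given in the article


def search_space_bits(password):
    """log2 of the candidates a brute-force search over the character
    classes present must cover (an upper bound, not true randomness)."""
    alphabet = sum(len(chars) for chars in CLASSES.values()
                   if any(c in chars for c in password))
    return len(password) * math.log2(alphabet) if alphabet else 0.0


def check_password(password, personal_info=()):
    """Return the list of rules from this section that the password breaks."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in password):
            problems.append(f"no {name} character")
    if password.lower() in COMMON_PASSWORDS:
        problems.append("on the common-password list")
    for item in personal_info:
        if item and item.lower() in password.lower():
            problems.append(f"contains personal detail {item!r}")
    return problems


def generate_password(length=16):
    """Draw random passwords from a CSPRNG until one passes every check."""
    if length < MIN_LENGTH:
        raise ValueError("length is below the minimum")
    alphabet = "".join(CLASSES.values())
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check_password(candidate):
            return candidate
```

Calling `check_password("Rex2015!", personal_info=["Rex"])` shows a password that meets the length and character-mix rules yet is still flagged, because it is built from an easily guessed personal detail.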

Varying passwords across accounts is critical, too. Otherwise, if your information is guessed or leaked, you’ve opened up your entire world to the hacker. While best practice is to use a different password on every site, at least make sure sensitive and critical accounts (social media, banking, and so on) have different passwords.

If you want to add an additional layer of protection, look at creating a passphrase. This is something that’s easy for you to remember, because it’s a concept or sentence. However, when you apply our other password rules, like using all character types, it becomes a random string to anyone else. Let’s take a look.

Let’s create the passphrase, “Susan likes cookies”. We could recreate this as a secure passphrase like this:


Easy to remember, tough to crack. It goes without saying, you shouldn’t know a Susan or love cookies yourself if you want this to stay extra-strong!

Other Ways to Stay Cyber-Safe with Passwords

In addition to creating a tough password, there are some other common-sense security strategies you should be looking at.

Many people are turning to VPNs, or Virtual Private Networks, to encrypt all their internet traffic. This makes it exponentially harder for hackers to target you.

Likewise, stay away from public wi-fi. Yes, it’s nice to get the freebie, but the risk is too great. Public networks have less security in place than your private home network. If you must use them, such as when you travel, use a VPN to help mask your identity and keep your data safe, and consider other password options temporarily.

And lastly, be sure to keep your software updated. Most updates address security concerns and patch vulnerabilities that have been discovered. Without these updated protections in place, you’re an easy target.


In conclusion, there’s a lot you can do to keep your valuable data safe, and most of it starts with your password strength. Using passphrases and passwords that aren’t obviously personal or common, keeping a strong character mix and at least 8 characters, changing passwords between sites, avoiding social data phishing, and storing passwords in an encrypted password manager all build up extra layers of security to keep you safe.

Remember, your password is the key to your personal information and sensitive data, so make sure it’s a strong one. With these easy tips under your belt, your online identity will remain yours alone.