We all know we should have strong passwords. And yet… so many of us still use the same simple password we’ve been using for years. Even worse, we use the same password for multiple accounts!
In fact, a recent survey found that 44% of people rarely or NEVER change their password… even though 64% have “weak” passwords. This could be why 1 in 5 people have had their accounts hacked!
So, why don’t more people have strong passwords? And if you’re seeing yourself in this story so far, you’re probably wondering: how can I create stronger passwords?!
No worries, we’re here to help! Our theory is that most people think creating a strong password has to be complicated. They think they have to replace “Password12345” with something wacky like “xcv#@kLDSl21nR$k2”.
However, that’s simply not true!
What does a strong password look like?
Although it’s true that “xcv#@kLDSl21nR$k2” would be a strong password, it’s simply not necessary.
The “traditional advice” says that a strong password:
- Has at least 12 characters.
- Has at least one number, symbol, capital letter, and lower-case letter.
- Isn’t based on a single word or phrase.
- Doesn’t rely on easy-to-guess substitutions (like “h0rs3” instead of “horse”).
This is all true – but as it turns out, there’s a much easier way to create passwords that aren’t full of gibberish. They’re called passphrases!
The passphrase: Stronger and easier to remember than a traditional password
In reality, strong passwords should be both easy to create AND remember.
Remember, the point of a good password is to trick computers – not necessarily yourself!
And, while it’s true that computers can be tricked by “xcv#@kLDSl21nR$k2”, they can ALSO be tricked by simple sequences of words put together – called a passphrase. Passphrases are just as good at tricking computers as complicated passwords, but much easier to remember.
To create a passphrase, simply come up with a set of four words that aren’t obviously related to one another… for example, “French Apple Metal Tree”.
Now, put them together: FrenchAppleMetalTree
This is called a passphrase, and it’s actually incredibly difficult for computers to guess. Even better, you can come up with mnemonics to remember them. For this example, you could imagine an apple pie in a metal baking tray sitting under a tree in France – an image that will be much easier to remember than “xcv#@kLDSl21nR$k2”.
(Note: passphrases are NEVER full sentences, as this would be easy for humans to guess and could even be picked up by AI.)
You can add symbols or letters to make it even stronger!
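Here is the four-word method above as a short Python script. It is an added example, not part of the original article. It assumes the computer picks the words at random instead of you, and the sample word list, symbol set and function names are made up for illustration.

```python
import math
import secrets

# Constructed sample list for illustration only; a real generator should load
# a large published list (thousands of words) so each word adds more entropy.
SAMPLE_WORDS = [
    "french", "apple", "metal", "tree", "river", "candle", "orbit", "velvet",
    "pepper", "anchor", "marble", "lantern", "cactus", "violin", "harbor", "meadow",
]
SYMBOLS = "!#$%&*+-=?@"  # assumed symbol set for the optional suffix


def generate_passphrase(wordlist, n_words=4, add_symbol=False):
    """Pick n_words uniformly at random with a CSPRNG and join them CamelCase."""
    words = sorted(set(w.strip().lower() for w in wordlist if w.strip()))
    if len(words) < 2 or n_words < 1:
        raise ValueError("need at least 2 distinct words and n_words >= 1")
    # secrets.choice draws from the OS CSPRNG; random.choice is not suitable here.
    picked = [secrets.choice(words) for _ in range(n_words)]
    phrase = "".join(w.capitalize() for w in picked)
    if add_symbol:
        phrase += secrets.choice(SYMBOLS)
    return phrase


def entropy_bits(list_size, n_words, symbol_choices=0):
    """Bits of entropy when every word (and optional symbol) is chosen uniformly."""
    bits = n_words * math.log2(list_size)
    if symbol_choices:
        bits += math.log2(symbol_choices)
    return bits


def words_needed(list_size, target_bits):
    """Smallest number of words whose combined entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(list_size))


if __name__ == "__main__":
    print(generate_passphrase(SAMPLE_WORDS, add_symbol=True))
    print(f"16-word sample list, 4 words: {entropy_bits(16, 4):.1f} bits")
    print(f"7776-word list, 4 words:      {entropy_bits(7776, 4):.1f} bits")
    print(f"words for 64 bits (7776):     {words_needed(7776, 64)}")
```

The entropy figures only hold when the words are chosen at random from the list; the size of the list matters as much as the number of words.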
This classic comic from XKCD sums up the situation brilliantly:
A strong password is only the first step
Now that you have a system for making strong passwords, it’s time to make one for each account you have!
This is because passwords should never be reused. That’s how data breaches cause problems – when you use the same password in multiple places, hackers will just hack the easiest place they can find, then use that same username/password combination elsewhere.
That’s why we highly recommend creating a new password for each website and account.
Okay – so now you have a system for creating strong passwords AND you know you need to make a bunch of them. But, err… doesn’t that mean it’s going to be difficult to keep track of all these new passwords (even if they’re easy to remember)?
Yup – and that’s where a password manager comes in handy!
Keep track of all those passwords with a password manager
A password manager helps you access your passwords quickly and securely across all your sites.
There are a few types of password managers. In fact, pen and paper is still preferred by many – just make sure it’s in a secure location, as losing that could mean serious problems.
For those who prefer pen and paper, we recommend the BookFactory Password Journal.
If you’re more tech savvy, then you might like LastPass. It’s a free password manager that stores encrypted passwords online.
Finally, here’s a tool you can use to check your password strength: http://www.passwordmeter.com/
As you can see, the example password (“FrenchAppleMetalTree”) scored 72% (Strong) – and if we add a symbol at the end, we get 100%!
Now you know how to create a strong password. Here’s to safer browsing!
Let’s summarize everything so far. To stay secure online, you should:
- Update your passwords regularly.
- Use passphrases if you want to create strong passwords you can easily remember.
- Use unique passwords for every account you own.
- Get a password manager if you have a lot of different accounts.
We hope you found this article useful!