As the internet penetrates every aspect of our daily lives, we all use a growing number of online accounts. Banking, insurance, social media, email, shopping… And they all require usernames and strong passwords. Let’s summarize what to do and not to do in order to maximize the strength and resistance of our passwords.
What to Avoid
Passwords are most often simply guessed by an attacker. Other times a list of commonly used passwords is enough to crack open your account and access or misuse stored information.
Here is a short guideline of things to avoid, if you don’t want your password to be weak and easily cracked.
- It might be a good idea to use the same username but it is definitely a bad idea to use the same password over and over again.
- Never use the default password, e.g. admin, password, guest, or similar ones.
- Don’t use short passwords, whether keyboard sequences such as qwerty, simple logical sequences like 12345, gibberish like ehmehpeh, or easy identifiers of the psmith65 kind.
- It is also very simple to crack all dictionary words whether they are in English or any other language. Even if you combine two or more words, the resulting password is not strong enough.
- Simple combinations of words and numbers do not make a strong password either, e.g. trustno1, mypass2014, etc.
- Simply obscured words like p@ssw0rd, p0w3rus3r, or similar are also feeble and don’t resist crackers well.
- Don’t use any codes or numbers from any of your personal or family ID documents, bank cards, license plates, phone numbers, etc., or codes or numbers that are publicly known.
What to Do
Passwords that are very strong and extremely hard to crack consist of many characters and are completely random. However, even if we try our best, we humans simply are not very good at creating such passwords.
Therefore, with the multitude of online accounts we use daily, the best way to create strong passwords is to generate them randomly.
Generate Strong Passwords
The site I like most to generate random passwords is called Strong Password Generator. It enables its users to generate passwords consisting of at least 8 characters, up to 100 characters.
Current research shows that for most uses a 15-character long random password is long enough, as it would take an attacker more than a hundred years to crack it. This is why the default setting for character length is 15 in Strong Password Generator.
To make the password even safer, Strong Password Generator enables you to include punctuation characters in your random passwords. So it is a good idea to tick this checkbox. And also tick the Avoid similar characters checkbox, which further improves the complexity of your password.
In special circumstances, it is useful not to include punctuation used in programming in your password. For example, when you would like to use the password within PHP code, some characters are best avoided because they will damage the code.
After you click the green Generate strong password button, your new password will appear. If you are not satisfied with it, keep clicking the button until you are.
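The same options can be reproduced locally. The following is an added example, not the Strong Password Generator site's own code: it draws characters from Python's secrets module (a cryptographically secure random source), and the function names, the set of look-alike characters and the set of code-unfriendly punctuation are assumptions made for illustration.

```python
import math
import secrets
import string

# Assumed look-alike set; the site's own list is not given in this post.
SIMILAR = set("Il1|O0o")
# Assumed punctuation that usually needs escaping inside source code (e.g. PHP strings).
CODE_UNSAFE = set("'\"\\$`<>{}")


def build_alphabet(punctuation=True, avoid_similar=True, code_safe=False):
    """Return the characters a password may be drawn from, as a sorted string."""
    chars = set(string.ascii_letters + string.digits)
    if punctuation:
        chars |= set(string.punctuation)
    if avoid_similar:
        chars -= SIMILAR
    if code_safe:
        chars -= CODE_UNSAFE
    return "".join(sorted(chars))


def generate_password(length=15, **options):
    """Generate a random password of 8 to 100 characters (default 15)."""
    if not 8 <= length <= 100:
        raise ValueError("length must be between 8 and 100")
    alphabet = build_alphabet(**options)
    classes = [string.ascii_lowercase, string.ascii_uppercase, string.digits]
    if options.get("punctuation", True):
        classes.append(string.punctuation)
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        # Redraw the whole password if a class is missing; patching single
        # positions afterwards would make some positions predictable.
        if all(any(c in cls for c in candidate) for cls in classes):
            return candidate


def entropy_bits(length, alphabet):
    """Upper bound on entropy: every position chosen uniformly and independently."""
    return length * math.log2(len(alphabet))


if __name__ == "__main__":
    alphabet = build_alphabet()
    print(generate_password(), f"(<= {entropy_bits(15, alphabet):.1f} bits)")
    print(generate_password(40, code_safe=True))
```

With these assumed sets, the default 15-character password is drawn from 87 symbols, and the 40-character call leaves out the punctuation that would need escaping in code.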
Now that your strong and random password is ready, grab it by triple-clicking on it and using the well-known Ctrl+C / Ctrl+V keyboard shortcuts to copy and paste it into your password storage vault. My favorite storage facility is called KeePass Password Safe.
If you would like to go above and beyond to make extra sure that nobody ever cracks your passwords, use random passwords that are 35 to 40 characters long.
Such passwords are virtually impenetrable, even if the cracker uses a large distributed network of enslaved computers — yes, some people actually do that.
Quantum computers could, theoretically, break these passwords but they are at best a decade or two away from real-life usage. And by then, I am sure that someone will come up with uncrackable passwords for those pesky quantum computers, too.
Test Your Password
To test the strength of your newly created strong passwords, you can visit Intel’s password testing site or How Secure Is My Password. The estimates both sites give vary greatly, but are still reliable in general.