Skip to main content

Passwords

slideNumber:
a professional man uses a long password to open an oversize lock

Having a strong password is often your first line of defense against a hacking attempt. Creating strong passwords for your various accounts is essential in protecting your identity, accounts, and network. On the other hand, weak passwords can make you an easy target for hacking, but so can poor password hygiene. Here's what we recommend to ensure your safety on all your personal accounts:

Do's and Dont's

A few basic rules always apply to all kinds of passwords.

  • Aim for length - about 16-20 characters.
  • Include numbers, symbols, uppercase and lowercase letters.
  • Make a long, memorable phrase with several words.
  • Use a different password for each website or service you use. This is especially crucial with your accounts for school, finances, and the government.
  • Save passwords in a password manager.
  • Don't recycle passwords.
  • Don't use personally identifying information (nicknames, birthdays, anniversaries, addresses, etc.).
  • Don't use keyboard patterns like qwertyuiop or 1234.
  • Don't keep passwords written down in an unsecured place.

Strength = Variety x Length

If your password gets stolen in an encrypted form (often the case in major breaches), your best chance at avoiding decryption lies in having a long password. Every extra character in a password exponentially increases the time it will take a hacker to decrypt it. For this reason, passwords shorter than 8 characters are never safe, while passwords of 16+ characters can be nearly uncrackable. Some organizations, however, can't handle passwords past a certain character count, so here are some tips for securing passwords of varying lengths.

# of Characters

Types of Characters Needed to Keep the Password Strong

Example

8-11

Use symbols, mixed-case letters, and numbers C0ug@rZ47

12-15

Use mixed-case letters and numbersCouGar1847CooL

16-19

Use mixed-case lettersCouGarCooLestCast

20+

Use whatever you wantcougarcoolestcatsnack

Pass Phrases

A pass phrase is basically a series of words, including the use of spaces if desired, that can be used instead of a single pass "word." Pass phrases are easier to remember than complex passwords. Pass phrases should be at least 16 characters in length (spaces count as characters). Longer is better because, though pass phrases look simple, the increased length provides so many possible permutations that a standard password-cracking program will not be effective. Disguising simplicity by throwing in elements of weirdness, nonsense, or randomness, will help make it more secure. For example:

pizza home cosmic spaniels
foggy tooth jazz pants

Adding punctuation and capitalization to your phrase and adding in a few numbers or symbols from the top row of the keyboard, plus using some deliberately misspelled words will create an almost unguessable password. For example:

Pizza Home Cosmic Spaniels?
P1zza 4 Hom3 Cosmik Spanielz!

Foggy Tooth Jazz Pants!
Fogggy Toooth J4zz P@nts?

Password Managers

Password managers are third-party applications that encrypt and store passwords for you—either ones you've made, or auto-generated passwords that are highly hacker-resistant. You only need to remember one password to access the others your password manager keeps—but follow the tips on this page to make it a strong one, just in case!

Popular password managers include LastPass, Dashlane, KeePass, Bitwarden, or 1Password, Always do your research before choosing a password manager.

LEARN MORE

Virus and Malware Protection

Learn about the different kinds of malware that exist, and how to prevent, detect and respond to them.

Device Protection

Learn general tips for keeping your physical devices protected from unauthorized access and other physical threats.

Software Updates

Learn why keeping the operating system on your devices up to date is actually a very important security precaution.

Internet Safety

Learn how to protect yourself from being scammed, tricked, or hacked while surfing the web.

Social Media

Learn what steps you can take to ensure that your social media accounts are protected.

Phishing

Learn how to identify and avoid scam emails, texts, and more. Phishing scams steal personal info on a regular basis.

Two-Factor Authentication

Learn how 2-Factor Authentication services like DUO protect your account from hackers and accidental access.

Wi-Fi

Learn the difference between secured and unsecured Wi-Fi networks and how to be safe when connecting to a wireless network.

Backing Up Your Data

Learn about different data storage options and consider which options are best for your needs.

Social Engineering

Learn about methods criminals might use to obtain your information by building false trust.

Working and Studying from Home

Learn how to be healthy and secure while following shelter-in-place instructions