Skip to main content

Passwords

slideNumber:
a professional man uses a long password to open an oversize lock

Having a strong password is often your first line of defense against a hacking attempt. Creating strong passwords for your various accounts is essential in protecting your identity, accounts, and network. On the other hand, weak passwords can make you an easy target for hacking, but so can poor password hygiene. Here's what we recommend to ensure your safety on all your personal accounts:

Do's and Dont's

A few basic rules always apply to all kinds of passwords.

  • Aim for length - about 16-20 characters.
  • Include numbers, symbols, uppercase and lowercase letters.
  • Make a long, memorable phrase with several words.
  • Use a different password for each website or service you use. This is especially crucial with your accounts for school, finances, and the government.
  • Save passwords in a password manager.
  • Don't recycle passwords.
  • Don't use personally identifying information (nicknames, birthdays, anniversaries, addresses, etc.).
  • Don't use keyboard patterns like qwertyuiop or 1234.
  • Don't keep passwords written down in an unsecured place.

Strength = Variety x Length

If your password gets stolen in an encrypted form (often the case in major breaches), your best chance at avoiding decryption lies in having a long password. Every extra character in a password exponentially increases the time it will take a hacker to decrypt it. For this reason, passwords shorter than 8 characters are never safe, while passwords of 16+ characters can be nearly uncrackable. Some organizations, however, can't handle passwords past a certain character count, so here are some tips for securing passwords of varying lengths.

# of Characters

Types of Characters Needed to Keep the Password Strong

Example

8-11

Use symbols, mixed-case letters, and numbers C0ug@rZ47

12-15

Use mixed-case letters and numbers CouGar1847CooL

16-19

Use mixed-case letters CouGarCooLestCast

20+

Use whatever you want cougarcoolestcatsnack

Pass Phrases

A pass phrase is basically a series of words, including the use of spaces if desired, that can be used instead of a single pass "word." Pass phrases are easier to remember than complex passwords. Pass phrases should be at least 16 characters in length (spaces count as characters). Longer is better because, though pass phrases look simple, the increased length provides so many possible permutations that a standard password-cracking program will not be effective. Disguising simplicity by throwing in elements of weirdness, nonsense, or randomness, will help make it more secure. For example:

pizza home cosmic spaniels
foggy tooth jazz pants

Adding punctuation and capitalization to your phrase and adding in a few numbers or symbols from the top row of the keyboard, plus using some deliberately misspelled words will create an almost unguessable password. For example:

Pizza Home Cosmic Spaniels?
P1zza 4 Hom3 Cosmik Spanielz!

Foggy Tooth Jazz Pants!
Fogggy Toooth J4zz P@nts?

Password Managers

Password managers are third-party applications that encrypt and store passwords for you—either ones you've made, or auto-generated passwords that are highly hacker-resistant. You only need to remember one password to access the others your password manager keeps—but follow the tips on this page to make it a strong one, just in case!

Popular password managers include LastPass, Dashlane, KeePass, Bitwarden, or 1Password, Always do your research before choosing a password manager.

LEARN MORE

Learn about the different kinds of malware that exist, and how to prevent, detect and respond to them.
Learn general tips for keeping your physical devices protected from unauthorized access and other physical threats.
Learn why keeping the operating system on your devices up to date is actually a very important security precaution.
Learn how to protect yourself from being scammed, tricked, or hacked while surfing the web.
Learn what steps you can take to ensure that your social media accounts are protected.
Learn how to identify and avoid scam emails, texts, and more. Phishing scams steal personal info on a regular basis.
Learn how 2-Factor Authentication services like DUO protect your account from hackers and accidental access.
Learn the difference between secured and unsecured Wi-Fi networks and how to be safe when connecting to a wireless network.
Learn about different data storage options and consider which options are best for your needs.
Learn about methods criminals might use to obtain your information by building false trust.
Learn how to be healthy and secure while following shelter-in-place instructions