10 Steps to a Stronger Password

Passwords are like keys to your house ― they protect what’s most important to you, including your identity. Choosing a strong password and remembering it can be challenging (passphrases are recommended). However, it’s one of your first lines of defense against cyber-attacks and identity theft. The stronger the password, the more secure your computer, mobile devices, and online accounts will be.

Follow these “Top Ten” steps to make your passwords stronger and more secure.

  1. Use Passphrases: Passphrases are a stronger form of passwords and use multiple words/a sequence of words that can even be sentence-like in structure (e.g., a song lyric or your favorite destinations). Use a passphrase that is easy to remember but hard for others to guess (and not from information posted on your social media accounts). For example: Last of the Mohicans, Caribbean and NYC6!
  2. Remember the Basics:
    • Use numbers or special characters and caps in your passwords/passphrases.
    • Don’t use the word “Password” or other common words (e.g., Fall, Summer) and avoid using consecutive keyboard combinations, such as “qwerty,” “azerty” or “asdfg.”
    • Don’t use just a single word, slang terms, common misspellings, or words spelled backward.
    • Don’t use personal information, especially information that can be found on your social media accounts, such as your name, age, birthday, child’s name, pet’s name, favorite color etc. — even if you put a number after it.
  3. One and Done: Never reuse your password or credentials (username and Password) across multiple sites, especially those that give access to sensitive information such as your bank. If your account is compromised and you have used the same password combination across multiple sites, your information may be easily used by bad actors to get into any of your other accounts.
  4. Implement 2FA / MFA: We recommend enabling two-factor authentication, also called Multi-Factor Authentication or MFA, on social media, bank accounts and any other services that offer it to add an extra layer of protection (which becomes your first layer of protection should your account details get compromised). MFA requires something you know, like a password, plus something you have, such as a code sent to your phone, biometrics (fingerprint, eye scan, etc.), or a physical token. This way, as simple or complex as your password is, it’s only half of the puzzle.
  5. Password Managers are Your Friend: A dedicated password manager is an application on your computer or mobile device (cell phone, laptop or tablet) that stores your passwords in encrypted form, helps you generate secure random passwords, offers a more powerful interface, and allows you to easily access your passwords across all the different computers, smartphones, and tablets you use.
  6. Avoid Spying Eyes: Be sure no one watches when you enter your password. Pay extra attention when you’re on a plane, bus, or other place where you’re near a stranger. Consider using a privacy screen on your frequently used devices.
  7. Avoid the Unknown: Avoid entering passwords on computers you don’t control (like at an Internet café) — they may contain malware that steals your passwords.
  8. Wi-Fi: Avoid using unsecured Wi-Fi connections (like at the airport or coffee shop) — hackers can intercept your passwords and data over this unsecured connection.
  9. Keep it to Yourself: Don’t tell anyone your password(s). Your trusted friend or colleague may not continue to be so in the future or might unintentionally share your password.
  10. Fool the Questions: Some sites ask personal questions like how you met your spouse, the color of your first car or your favorite pizza topping, to validate your identity. These answers are often found on social media or have very common answers that are easily guessed. The best way to use these questions is to choose a random selection (if multiple choice is offered) or enter a wacky response if open text (you can say that your favorite pizza topping is basketballs!).

Did you know? You can authenticate with ease into ADP applications more quickly and securely.

ADP now offers Passkeys to conveniently and securely sign into your ADP applications and services without a password using whatever method you previously used to sign into your device (fingerprint, PIN or facial recognition). ADP is the first HCM solutions provider to adopt Passkeys within the industry, setting a new standard and allowing clients across multiple platforms and devices to be fully prepared to enhance our authentication capabilities while enabling our clients to access ADP applications and services more quickly and securely.

Key benefits:

  • More secure access
  • Authenticate with ease
  • Enhanced data security