10 Steps to a Stronger Password

Passwords are like keys to your house―they protect what’s most important to you, including your identity. Choosing a strong password―and remembering it―can be challenging, but it’s your first line of defense against cyber-attacks and identity theft.

The stronger your password, the more secure your computer, mobile devices and online accounts will be. Take these steps to make your password strong and secure:

  1. One and Done: Never reuse your password across multiple sites. If your account is compromised and you use this email address and password combination across multiple sites, your information can be easily used to get into any of your other accounts. Use unique passwords for everything.
  2. Complexity is Key:
    • Use a long password that contains lowercase and uppercase letters, numbers, and symbols.
    • Avoid “password walking,” which is when you use consecutive keyboard combinations, such as qwerty or asdfg.
    • Don’t use dictionary words, slang terms, common misspellings, or words spelled backward.
    • Don’t use personal information such as your name, age, birth date, child’s name, pet’s name, or favorite color or song―even if you put a number after it.
    • Strong passwords are easy to remember but hard to guess, like this one: Iam:)2bTr>N935! It has fifteen characters and translates to: I am happy to be turning 35!
    • Use nonsense phrases that are easy for you to remember, but hard for someone else to guess. For example: M0ckC@ncP1zTo13 translates to Mockingbird, Cancun, Pizza, Toledo (your favorite book, vacation, food and city).
  3. Implement 2FA / MFA
    On social media, bank accounts and any other services that offer it, enable two-factor authentication (2FA) and multi-factor authentication (MFA) to add an extra layer of protection (which becomes your first layer of protection should your account details get compromised). These protocols require something you know, like a password, and something you have, such as a code sent to your phone, biometrics (fingerprint, eye scan, etc.), or a physical token. This way, as simple or complex as your password is, it’s only half of the puzzle.
  4. Password Managers are Your Friend
    A dedicated password manager will store your passwords in an encrypted form, help you generate secure random passwords, offer a more powerful interface, and allow you to easily access your passwords across all the different computers, smartphones, and tablets you use.
  5. Spying Eyes: Be sure no one watches when you enter your password. Pay extra attention when you’re on a plane, bus, or other place where you’re in very close proximity to a stranger. Consider using a privacy screen on your frequently used devices.
  6. Avoid the Unknown: Avoid entering passwords on computers you don’t control (like at an Internet café or library)—they may contain malware that steals your passwords.
  7. Wi-Fi: Avoid entering passwords when using unsecured Wi-Fi connections (like at the airport or coffee shop)—hackers can intercept your passwords and data over this unsecured connection.
  8. Keep it to Yourself: Don’t tell anyone your password. Your trusted friend now might not be your friend in the future, or might share your password unintentionally.
  9. Follow the Underwear Rule: Like your underwear, change your passwords regularly.
  10. Fool the Questions: Some sites ask personal questions like how you met you spouse, the color of your first car or your favorite pizza topping to validate your password. These answers are often found on social media or have very common answers that are easily guessed. The best way to use these questions are to choose a random selection (if multiple choice) or enter a wacky response if open text (you can say that your favorite pizza topping is basketballs!).