The Final Step

No password guarantees security but spending a bit of time creating strong passwords really improves your security. Here are some do’s and don’ts:

Do not

• Use the same password for everything. Particularly online banking and similar services should have unique, strong passwords. Don’t let someone have access to everything just by hacking one password
• Use a single word that is information that is relatively easy to find out, i.e. your name, your date of birth etc
• Do not use the following (or similar) as passwords, they are so common you might as well give away your access: “letmein” “password” “passw0rd” “qwerty” “123456” “football” “abc123” “monkey”

So how do you create a strong password?

• Use a phrase rather than a single word. The phrase should avoid your personal details and proper names. It should be a minimum of eight characters. Pick something that makes sense to you e.g. “mowthelawn”
• Mix in special characters, symbols and upper and lower case letters e.g.”Mow*th3_l@wn”
• Use a unique passphrase for each site where security is paramount.
• For less important sites you might consider using ”Mow*th3_l@wn” as a template and customising it for each site in a way that relates to the site and so is easily memorable e.g. take the last two letters of the site and add them at the beginning of the phrase. So, for the website LinkedIn you take the last two letters “in” and add them to the beginning of the passphrase so it becomes ”inMow*th3_l@wn”
• Every so often change your passphrases, templates and adjust the pattern you use to make them unique.

This is too much effort!

Invest in a password management tool that can generate random strong passwords, remember them and auto login for you. We recommended RoboForm in a newsletter article, but there are others available.