Written by Aranza Trevino
Edited by Anne Cutler
Reviewed by Darren Guccione
Updated on May 11, 2023.
A secure password contains randomized letters, numbers and characters with a minimum length of 16 characters. Memorizing strong passwords is difficult which is why passwords are often reused for multiple accounts. While reusing passwords makes it easier for you to remember, it also puts all the accounts that use that password at risk if a cybercriminal is able to crack it.
Continue reading to learn how you can start generating secure passwords to protect your personal data from falling into the wrong hands.
A secure password is both long and complex. Secure passwords should be at least 16 characters long. They should also have a variation of uppercase and lowercase letters, with numbers and symbols as well. Most importantly, secure passwords should be unique and should never be reused across multiple accounts.
Weak passwords are a serious threat to your online security as they can be easily cracked and allow access to important Personally Identifiable Information (PII) like your bank account, personal address and contact information.
Some characteristics of weak passwords are:
Weak or compromised passwords cause 80% of successful data breaches. Passwords are frequently the only thing protecting your intellectual property, network access and confidential information.
The use of weak passwords and practices like reusing passwords can make it easier for cybercriminals to gain access to your information through cyberattacks that utilize common password lists. Here are some examples of cyberattacks that can be effective when not using secure passwords:
A credential stuffing attack is when a cybercriminal uses a compromised set of credentials to attempt to gain access to several other accounts. Credential stuffing is effective because nearly two-thirds of internet users reuse their passwords or variations of their passwords across multiple accounts.
A brute force attack is a type of cyberattack that uses trial and error methods to guess login credentials, security keys or other sensitive information.
Password spraying, also known as a password spray attack, is when an attacker uses common passwords in an attempt to access several accounts on one domain. Using a list of common passwords, such as 123456, 111111 and others, an attacker can potentially access hundreds of accounts in one attack if the users don’t have strong passwords.
Creating a strong password can seem tedious, but it’s important to ensure your passwords are unique and secure. Always avoid: creating passwords 6 or fewer characters long, using dictionary words or having significant dates – such as an important birthday or anniversary date – within the password. Do not reuse the same password for different logins as this makes it easier for cybercriminals to compromise multiple accounts.
A secure password is at least 16 characters long, contains upper and lower case letters, numbers and has at least one special character ($, %, @, #, !). Following these guidelines will help you ensure that your passwords are secure.
To further help you improve your password strength, here are password best practices you should be following:
Audit your passwords every 2-3 months to ensure that all your passwords consist of random combinations of letters, numbers and symbols or unrelated phrases.
In the past, it was said that a user should change their passwords at least a few times per year. However, depending on your current password practices, the frequency of updating your passwords will vary. For example, if you have strong, unique passwords for every account, you should only change your password if an account is part of a breach.
If you’re just getting started with proper password security, you should update all of your current passwords to ones that are strong and unique.
Bank accounts and other accounts with highly-sensitive information should be prioritized when updating your passwords to more secure ones.
Multi-Factor Authentication (MFA) is an extra layer of security you can implement on your accounts. When MFA is enabled, you’ll have to take an additional step to verify your identity after entering your username and password. With MFA, anyone attempting to access your accounts will face a more extensive authentication process than simply entering a password. This is best for sensitive accounts, but you should use it on any account you can.
Generating secure passwords, auditing them and memorizing them yourself is extremely difficult and time-consuming. The use of a password manager is helpful in creating strong, unique passwords across all your online accounts. A password manager is a tool that aids you in generating secure passwords and then storing them in an encrypted vault. You can even include MFA codes with the records in your vault. With a password manager, the only password you’ll have to remember is your master password, which acts as the key to enter your vault.
Start a free 30-day trial of Keeper Password Manager to begin generating and storing secure passwords for each of your accounts.
You May Also Like
Storing your bank passwords in a password manager is the safest way to store them without putting them at risk of becoming compromised. When targeting online accounts, cybercriminals often target those that are most valuable, which...
Choose Language