Passwords have become a big part of our lives in the digital age. We use them so often that it is easy to overlook the importance of creating a strong one.
Almost every bit of private information about us is stored behind a password. If that password were to fall into the wrong hands, it could jeopardise our personal data and financial livelihood. This article aims to provide helpful tips on how to create and remember a strong password - and more importantly, how to keep it secure.
How to create a strong password
- Make it long
Use at least 15-Characters:
The longer the password, the more secure it becomes.
- Add variety
Include numbers, symbols, capital, and lower-case letters:
The more you mix up letters, numbers, and symbols, the more potent your password becomes making it harder for a brute force attack to crack it. LSE requires that you include any 3 of the following:
Mix uppercase and lowercase letters of European languages
i.e. A through Z, with diacritic marks, Greek and Cyrillic characters
Base 10 digits
i.e. numbers 0 through 9
Non-alphanumeric characters
i.e., special characters: (~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/)
N.B. Currency symbols other than the Dollar, such as the Euro or British Pound, are not counted as special characters.
- Make it unique
Don't use personal information:
Do not include any personal information in your password. Anything publicly accessible such as your birth date, pet's name, car model, phone number, or street name and address can be discovered by others.
Avoid common substitutions:
Password crackers are familiar with the common substitutions.
E.g. "M0use" does not become stronger simply because the o was replaced with a 0.
How to remember a strong password
The secret to creating a hard-to-crack password that is unique and easy to remember is to focus on making it memorable whilst keeping it hard to guess. By learning a few simple skills, you can easily create a strong and memorable password with minimal effort. Plus, creating them can be fun - and your payoff in increased safety is huge.
- Use an unusual passphrase with added symbols and numbers
Creating an unusual passphrase of words that typically don’t go together is a good way to create the base of a long password. Next, add symbols and numbers to make it even stronger.
Example: 54 pigeons deliver mud soup to Newport
Becomes: 54-pigeonsDelivermudsouptoNewport
- Use a phrase and incorporate shortcuts or acronyms
Use phrases or lyrics that mean something to you and shorten them by using shortcuts; or use the first digit in each word to create an acronym and add numbers and symbols throughout.
Shortcut example: To be or not to be, that is the question
Becomes: 2BorNot2B_ThatisThe?
Acronym example: I go out on Friday night and I come home on Saturday morning with 8 friends
Becomes: 1gOnfn&iCh0Smw8F
- Use random words to create a passphrase
This method does not follow the traditional password advice of not using dictionary words. Instead, use four or five random words and string them together to create a passphrase that involves multiple words. The randomness of the word choice and length of the passphrase are what makes it strong.
The most important thing to remember is that the words need to be random. For example, "cat in the hat" would be a terrible combination because it is such a common phrase, and the words make sense together. However, something like "infertile staple green butterfly" doesn't make sense and the words aren't in grammatically correct order.
Please remember that the password complexity rules we described above still apply with a passphrase.
How to secure a strong password
- Don't Reuse it:
Having various passwords makes it harder for attackers to compromise your accounts. In the case that someone got a hold of one of your passwords, you can rest assured your other accounts are safe. Using a password manager will help you generate new unique passwords for each site you visit.
- Use Multi-Factor Authentication (MFA):
Multi-factor authentication adds another layer of defence. This technology enables you to provide multiple pieces of information as authentication, in any combination of:
Something you know: Your Password
Something you have: One-Time-Passcode or Generated Key
Something you are: Your Fingerprint, Voice, or face
- Don't Share it:
Someone who has your password can impersonate you, change or delete your financial information, make purchases as you, or damage your reputation. The results are lost time, money, and embarrassment.
- Don't Store it Online:
If you were to lose your laptop or have it stolen, the bad actor would have easy access to your accounts. Instead, use a password manager to store your passwords.
- Use a Password Manager:
Password managers are the ultimate solution for generating and storing passwords for multiple websites. Password managers can generate and store strong, unique passwords for each of your accounts. The password data is then encrypted and stored in the cloud or on your device meaning you do not need to memorise them.
The only thing you need to remember is your login details for the password manager app.