Long passwords don’t have to be hard to remember, but they do need to be difficult for someone else to guess

hand resting on laptop Good passwords are not just any password that is long that has uppercase letters, lowercase letters, numbers and symbols. It should mean something to you but appear non-sensical to others. Ideally it is a string of characters that, if shown to another person for a couple seconds, would be nearly impossible for them to recall.

Tips for creating long, strong passwords

Do

  • Use a phrase with shortcuts, acronyms, or strings
    • 4Score&7yrsAgo four score and seven years ago - from the Gettysburg Address
    • 14A&A41dumaS one for all and all for 1 - from The Three Musketeers, by Dumas
    • Goatpotatolakebuspants - words that don't mean anything together in a string
  • Use passwords with common elements 
    • ABT2_uz_AMZ! - About to use Amazon
    • Pwrd4Acct-Fb - password for a Facebook account

Don't

  • Use common dictionary words: Password cracking programs use dictionary lists to easily guess words in a password.
  • Make it too personal: If you put information on social media that you use in your password, a hacker will find it.
  • Make it too easy: A password like B@seba11is actually easy to guess. It’s too short and uses a dictionary word with common substitutions.
  • Make it long, but not strong: A password like House12345678 is never a good password.
  • Use a common pattern: Patterns like House1, House1234, or !House! are patterns hackers look for. 

Keep your online accounts safe

Keep your passwords on the down-low: Don’t write down your passwords and don’t share them with anyone.

Use a Password Manager: The simplest way to create, remember and use strong passwords is with a password manager.

Unique account, unique password: Make sure all your accounts have unique passwords to protect you in the event of a breach.

Double your login protection: Enable multi-factor authentication (MFA) to ensure that the only person who has access to your account is you.