Password Security Tips

5 Keys to Making Secure Passwords

Today, we use passwords for everything.

No doubt you have your favourite. However, with security breaches increasing across many big web portals, it’s critical to protect yourself as best you can – without going crazy or paranoid, of course.

The very real worry is that a breach of one website exposes your details, particularly your username (normally an email address) and your password, for sale to a vast underworld. You may be thinking, “So what, it’s just one site and probably not important.” However, what are the odds that the same email and password are used not just at one other site, but at 5 others, 10 others, or ALL the other websites you use?

So what can you do to minimise, as much as possible, the risk of your password being guessed, or of it being hacked and tried on other sites where you may have accounts?

Create Secure Passwords

According to SplashData’s annual report of the 25 most common passwords, which we commented on earlier in the week in our blog, ‘password’ is thankfully no longer the most popular. Unfortunately, the next most popular is now number 1: ‘123456’…

What are the best tips from security experts on creating secure passwords?

Put simply, a strong password:

  • Is at least eight characters long.
  • Does not contain your user name, real name, or company name.
  • Does not contain a complete word.
  • Is significantly different from previous passwords.
  • Contains characters from each of the following four categories:
      ◦ Uppercase letters, for example: A, B, C
      ◦ Lowercase letters, for example: a, b, c
      ◦ Numerals: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9
      ◦ Symbols found on the keyboard (all keyboard characters not defined as letters or numerals) and spaces: ` ~ ! @ # $ % ^ & * ( ) _ - + = { } [ ] \ | : ; " ' < > , . ? /

In creating a new secure password, substitute numbers for letters. For instance, instead of ‘Monday Tonight’ as a password, you could use ‘M0nd4Y_2N1t3’ or something similar.
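The strong-password rules listed above can be checked mechanically. The following Python sketch is an added example, not part of the original article: the word list is a tiny constructed sample, and the 0.6 similarity threshold and the 4-letter minimum word length are assumptions.

```python
import difflib
import string

# Constructed stand-in for a real dictionary; use a full word list in practice.
SAMPLE_WORDS = {"monday", "tonight", "password", "welcome", "dragon"}
# The article's symbol category: keyboard characters that are not letters
# or numerals, plus the space character.
SYMBOLS = set(string.punctuation) | {" "}


def check_password(password, identity=(), previous=(), words=SAMPLE_WORDS,
                   min_length=8, max_similarity=0.6):
    """Return the rules from the article that `password` breaks (empty = passes).

    identity: user name, real name, company name. previous: earlier passwords.
    max_similarity is an assumed cut-off for "significantly different".
    """
    problems = []
    lowered = password.lower()

    if len(password) < min_length:
        problems.append("too short")

    if any(name and name.lower() in lowered for name in identity):
        problems.append("contains a name")

    # Only words of 4+ letters are checked, so fragments like "a" do not trip the rule.
    if any(len(w) >= 4 and w in lowered for w in words):
        problems.append("contains a complete word")

    for old in previous:
        ratio = difflib.SequenceMatcher(None, lowered, old.lower()).ratio()
        if ratio > max_similarity:
            problems.append("too similar to a previous password")
            break

    categories = {
        "uppercase letter": any(c in string.ascii_uppercase for c in password),
        "lowercase letter": any(c in string.ascii_lowercase for c in password),
        "numeral": any(c in string.digits for c in password),
        "symbol": any(c in SYMBOLS for c in password),
    }
    problems += [f"missing {name}" for name, ok in categories.items() if not ok]
    return problems
```

An empty list means every rule is met: ‘M0nd4Y_2N1t3’ passes, while ‘Monday Tonight’ is flagged for containing a complete word and for having no numeral.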

Two Factor Authentication

This is slowly becoming more widely used. First you use your password, then you answer a challenge question, like “What is your mother’s maiden name?”. Other secondary authentication methods include a code sent to your phone via SMS, which immediately adds a further layer of complexity for hackers trying to breach your security.

There is, of course, still the question of a site being hacked via a backdoor (i.e. not via the normal routes above…)

Create Unique Passwords

This is the tricky part: to be secure, don’t use a password more than once across your sites.

That’s the official recommendation and, while definitely true, it can be difficult to manage so many different passwords. At the very least we’d prefer to recommend scales of passwords.

For instance:

  1. Critical Passwords: Internet Banking, Perhaps Social Media – Create strong, unique passwords
  2. Medium Passwords: Online Stores that Store Your Credit Card Info – Create similar, but maybe slightly changed passwords
  3. Everyday Low Risk: Logins to Forums, Basic Online Stores (that don’t store card details) etc… – Use the same password.

An Online ‘Black Book’

Another tip is to use a password storage service. These can integrate with browsers and websites, and some can even integrate across platforms.

Some good ones include:

There are others, but do your research, as some have also been targeted by cyber attacks…

While we have passwords, we will have hackers, and they will win battles. But as long as you mitigate your risk as best you see fit, you won’t end up with a costly episode, either monetarily or time-wise.