Creating strong passwords

Long passwords don’t have to be hard to remember, but they do need to be difficult for someone else to guess

Good passwords are not just any password that is long that has uppercase letters, lowercase letters, numbers and symbols. It should mean something to you but appear nonsensical to others. Ideally it is a string of characters that, if shown to another person for a couple seconds, would be nearly impossible for them to recall.
a woman's hands on a laptop keyboard

Tips for creating long, strong passwords

Do
  • Use a phrase with shortcuts, acronyms or strings:
    • 4Score&7yrsAgo: "Four score and seven years ago" from the Gettysburg Address
    • 14A&A41dumaS: “One for all and all for one” from “The Three Musketeers” by Dumas
    • Goatpotatolakebuspants: Words that don't mean anything together in a string
  • Use passwords with common elements:
    • ABT2_uz_AMZ! - About to use Amazon
    • Pwrd4Acct-Fb - password for a Facebook account
Don't
  • Use common dictionary words: Password-cracking programs use dictionary lists to easily guess words in a password.
  • Make it too personal: If you put information on social media that you use in your password, a hacker will find it.
  • Make it too easy: A password like B@seba11 is actually easy to guess. It’s too short and uses a dictionary word with common substitutions.
  • Make it long but not strong: A password like House12345678 is never a good password.
  • Use a common pattern: Patterns like House1, House1234 or !House! are patterns that hackers look for.

Keep your online accounts safe

  • Keep your passwords on the down-low: Don't write down your passwords and don't share them with anyone.
  • Abide by the tenet, "unique account, unique password": Make sure all your accounts have unique passwords to protect you in the event of a breach.
  • Double your login protection: Enable multifactor authentication (MFA) to ensure that the only person who has access to your account is you.