How to create a strong password (and remember it)

Posted August 21st, 2020 by SimpliSafe

It’s the top piece of advice given when it comes to cyber security, but what does creating a strong password actually mean? And, perhaps most importantly, how do you go about remembering it?

Whether it’s your email password, your online banking, the account that controls your wireless home security system, or your favourite clothing shop, it’s important that your passwords are protected. Not only could it mean that you are locked out of the account if one is compromised, but someone could have access to your financial information and money, so let’s take a look at how to create a strong password.

How are passwords hacked?

Hackers and criminals can use one of several methods to try and break your password. Here are a select few:

  • The brute force attack

This involves hackers throwing as many passwords as possible at your account until they land on yours. Of course, this isn’t done manually. Automated software will try as many combinations as quickly as possible

  • Credential stuffing

Sites that have poor security are unfortunately easy targets, and thieves regularly hack these sites to sell the data on dark web forums. Because many people use the same password across multiple sites, credential stuffing - also known as list cleaning - tests the stolen credentials against other accounts to gain quick and easy access

  • Password spraying

This technique works by trialling commonly used (and weak) passwords against a user’s account. Some of these common passwords can include password123, 1234567, etc.

  • The dictionary attack

Similar to the brute force attack, which tries combinations of letters, numbers and symbols, the dictionary technique involves attacking your account with a dictionary using a prearranged list of words

  • Phishing

You’ll likely know all about phishing email scams, which involves criminals tricking, pressuring or intimidating people into giving over their card details or password by pretending to be an authentic website where your account needs urgent attention

  • Strong password tips

Now that you know a few ways that passwords can be cracked, you can work backwards to outsmart these attacks, while also remaining vigilant of phishing emails that land in your account. Let’s take a look at a few of the ways you can create a strong password for each of your accounts.

  • Don’t be silly

Unfortunately many people still rely on easy to remember, and therefore easy to hack, passwords such as ‘password’, 1234567 or qwerty. Never use sequential letters or numbers, and don’t use a password that contains any personal information such as your name or date of birth as hackers can get around these in no time

  • Mix it up

Alternate between upper and lowercase letters and symbols and numbers. The more potent and varied it is, the harder it is to crack when attacked with brute force

  • Don’t follow the keyboard

We understand it’s easy and makes for quicker logins if you follow a path on the keyboard - like qwerty - but this puts you particularly at risk

  • Don’t substitute

While you may think that substituting a zero for the letter ‘o’ or a ‘5’ for an ‘s’ is a clever trick, unfortunately these can be cracked just as easily as the letters themselves. Try random symbols for extra security

  • Don’t use the same one elsewhere

It’s something we’ve all been guilty of, but if you use the same password for multiple websites then you’re running the risk of them all becoming compromised if one of them gets leaked

How to make your password stronger than ever

  • Make it a long password

Passwords that are between nine and 12 characters are vulnerable to easy hacking. Ideally you want your password to be no shorter than 15 characters

  • Activate two-factor authentication

This involves having a secondary login method in addition to your password, such as a fingerprint on your phone or having a temporary passcode sent to your phone number. Many apps - including the SimpliSafe app! - has the option to activate this. For more information, check out our guide to two-factor authentication

  • Use nonsense words

Single words can easily be cracked thanks to the dictionary methods. Two word passwords are also easy. But passwords that are made up of multiple nonsense words are trickier to get past

  • Change your passwords regularly

By changing your passwords on a regular basis, you are ensuring that even if your accounts are compromised, that the information criminals have quickly becomes defunct. We’d recommend a change every three to six months

  • Use a password manager

These automatically generate and store your passwords all in one safe place. All those passwords will then be kept in an encrypted location that can only be accessed using your master password

Passwords are a part of life that we have come to get used to, and they aren’t going away any time soon. Keeping your accounts secure doesn’t have to be difficult or time-consuming. You could even set a reminder on your calendar to change your passwords every few months, and then save them into your password manager, that way most of the hard work (the remembering) is done for you.