Tips to creating a strong password online

Today (6 May 2021) is World Password Day. Intel created World Password Day to help people protect themselves and their personal information online. Here are some tips to creating strong passwords courtesy of Cert NZ and NetSafe.

Use a different password for every online account you have

Make them unique and use each password only once (one to access your online banking, a different one for your email account for example). Many of us use the same password for all our accounts, or stick to two or three different ones that we use over and over. The problem with this is that if an attacker gets hold of one of your account passwords, it’ll give them access to any other accounts that share the same password.

Make your passwords long and strong

The longer your password is the more difficult it is for someone else to guess. Sentences can often make the best passwords because they’re easy to remember. A string of four or more words is just as strong as a 10-character password that uses a mix of numbers, letters and symbols.

The stranger your password is the easier it is for you to remember! Some ideas to think about include:

  • An easy to remember acronym.
  • A combination of three or more unrelated words incorporating numbers.
  • Lyrics from a song you’ll easily remember.
  • A silly yet easy to remember phrase such as BananasPlayDiscoUnderTriangleSuns.
  • Using a combination of words from different languages if you’re multilingual.

What not to do

Avoid using standard dictionary words or the name of a child, pet or sports team or something that will be easily guessed.

You should also avoid using the password storage options offered by web browsers (like Google or Microsoft Edge), as they are frequently targeted by hackers. Web browsers are targeted by hackers because if they can compromise the browser they can get access to the passwords you have stored in the browser. Avoid these most commonly used passwords at all costs:

  1. Password
  2. 123456
  3. 12345678
  4. 1234
  5. Qwerty

Try using a passphrase instead of a password

A passphrase is longer than a password and may have spaces in between words such as ‘Panda orange Spain boat’. A passphrase can also have symbols and doesn’t need to be proper sentence. The main difference is that a passphrase is much longer. So, why use a passphrase in place of a regular password?

  1. Passphrases are easier to remember than random symbols and letters
  2. Passwords can be easier to guess or crack by both human and robots
  3. Passphrases are much harder to crack than passwords

Don’t use personal information to create your passwords

Personal information is easy to find online, especially if you use social media. Details about you, like your date of birth, your address and even your pet’s name, are only a few clicks away. They’re the first thing attackers check when they’re trying to hack into other people’s accounts. So, if you share pictures of your dog online, make sure you don’t use your dog’s name as your password too.

Keep them safe

Never share your passwords with anyone — this includes your partner, your parents and your children.

If you’re worried about remembering your passwords and are comfortable using technology, you could try using a password manager – this will store and manage your passwords for you. The password manager will be the only account you need to remember login details for: consider using a strong password manager like KeePassKeePassX or LastPass.

You can find more information about staying safe online by visiting Cert NZ and Netsafe’s websites.

CERT NZ works to support businesses, organisations and individuals who are affected (or may be affected) by cyber security incidents. They provide trusted and authoritative information and advice, while also collating a profile of the threat landscape in New Zealand.

Netsafe provides free and confidential advice and support to people in New Zealand seven days a week. Each week they answer about 450 requests for help related to online safety topics including bullying, grooming, illegal content and scams. Theyalso provide support to schools and kura under a contract with the Ministry of Education.

Photo credit: Franck on Unsplash

About Expert of the Week