How to Choose a Highly Secure Password

In this post, I will talk in detail about how to choose a highly secure password while you are creating new accounts on websites and web services.

When it comes to online passwords, there is no such thing as 100% secure. Complete security is impossible based on the current software and hardware technologies that we are using. What we can have instead is "as secure as possible", and in order to achieve that, there are things that we can do to improve the security level of the passwords we use on a daily basis.

Most websites and software platforms continuously improve their security and password storage procedures to reduce the risk of having account breaches, but that doesn't negate your responsibility to create a strong password and keep it secure as the account owner. No matter how secure the system you are using (remember it will never be 100%), you should always come up with strong, secure passwords for your accounts.

When you come up with a new password, your task is not to create one that is "secure enough for yourself"; it is to create one that is "secure enough", so that it makes the job of whoever might try to break it close to impossible.

Now, let's focus on some important points that will guide you in choosing a secure password.

Choose a Long Password

Password length is not necessarily a guarantee of a password's strength, but it is one of the important factors (probably #1) that contribute to its security.

Imagine that you need to create a password on a system that allows only numbers (0-9). If you create a one-digit password, say 4, do you know how many trials it would take for someone to guess and find your password? 10 or less! Not that anyone would choose a one-character password, but for systems that allow only letters, numbers or alphanumeric characters, even passwords with 4-6 characters will be a piece of cake to break (depending on how the system login functionality is structured).

In short, the longer the password, the better. You don't need to go wild with the length, such as 100+ characters; anywhere between 12 and 24 characters would be good enough as long as the password also satisfies the points below.

Choose a Hard to Guess Password

Breaking a password does not always require powerful computers or complex programs that run for days or weeks. Sometimes a couple of simple guesses are enough to reveal your password, especially to those who are close to you and have an idea about your password choices.

Never use your username or part of it, your name or surname, birth date, your favorite pet's name or anything of this nature that is a name, a dictionary word or a date for your password. For example, let's say your name is John Doe and you were born in 1974. Your choice of johndoe74 as a password is definitely not a strong one. Also, do not use a combination of characters that follow a pattern such as abcdef, 123456789, or asdfghj (neighboring keyboard characters) in your passwords.
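The checks described above can be automated when a password is chosen. The following is an added example, not code from the original post: the function names and the minimum run length of 4 are assumptions, and it covers personal facts and patterns only, not dictionary words.

```python
import re

# Ordered runs that the text warns about: abcdef, 123456789, asdfghj.
SEQUENCES = ("abcdefghijklmnopqrstuvwxyz", "0123456789")
KEYBOARD_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm")


def has_run(text, sources, min_len=4):
    """True if text contains min_len consecutive characters taken from
    any source string, read forwards or backwards."""
    for source in sources:
        for line in (source, source[::-1]):
            for i in range(len(line) - min_len + 1):
                if line[i:i + min_len] in text:
                    return True
    return False


def guessable_reasons(password, personal_words=(), birth_year=None):
    """List the reasons a password is easy to guess. An empty list only
    means none of these checks fired, not that the password is strong."""
    pw = password.lower()
    reasons = []
    # Username, first name, surname, pet name: anything tied to the owner.
    for word in personal_words:
        w = word.lower()
        if len(w) >= 3 and w in pw:
            reasons.append(f"contains personal word: {w}")
    # Birth year written in full (1974) or as its last two digits (74).
    if birth_year is not None:
        full = str(birth_year)
        short = full[-2:]
        if full in pw or re.search(rf"(?<!\d){short}(?!\d)", pw):
            reasons.append(f"contains birth year: {full}")
    if has_run(pw, SEQUENCES):
        reasons.append("contains an alphabetical or numeric sequence")
    if has_run(pw, KEYBOARD_ROWS):
        reasons.append("contains neighboring keyboard characters")
    return reasons


if __name__ == "__main__":
    # Constructed inputs, taken from the examples in the text above.
    print(guessable_reasons("johndoe74", ("John", "Doe"), 1974))
    for candidate in ("abcdef", "123456789", "asdfghj"):
        print(candidate, guessable_reasons(candidate))
```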

Use a Combination of Characters in Your Password

Most websites allow you to have (almost) any character in your password. Where possible, always have a mixture of different types of characters such as lowercase (a-z) and uppercase (A-Z) letters, numbers (0-9) and symbols (.,:;'"!?$&%/\*()[]{}@#<>+-_=^). Symbols are pretty much any character that you can type with your keyboard other than letters and numbers. Some websites or applications may limit the types of characters you can use in your password; in that case, you should still use the best combination that you can come up with.

Based on the above factors, the following could be considered as a strong password:

%l?I1Jj3zUA+Gn6<

DO NOT USE IT!

It is made of 16 characters, and it has lowercase and uppercase letters, numbers and special symbols. According to HowSecureIsMyPassword.net, a website that tells you how long it would take to crack your password, the above password would take 412 trillion years to be cracked. I don't know what they are basing their calculation on but you get the idea. The longer and more complex a password is, the harder it is to guess or crack.

Know that this number will decrease as more powerful computers are developed. I should also note that most websites have additional security precautions to keep your account safe, such as enforcing a limit on the number of unsuccessful login attempts, which further deters hackers from trying to crack passwords.
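The following added example (not code from the original post, and not how HowSecureIsMyPassword.net arrives at its figure) generates a password that meets the length and character-mix advice above and shows how length and alphabet size drive the number of candidates an exhaustive search must try. The guess rate is an assumed figure, and the estimate only holds for randomly generated passwords.

```python
import math
import secrets
import string

# The four character types from the text. string.punctuation is Python's
# set of 32 ASCII symbols, used here as the "symbols" class.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def generate_password(length=16):
    """Random password from the OS CSPRNG with at least one character
    of each type. Retries until every class is present, so the result
    stays uniformly random among passwords that meet the rule."""
    if length < len(CLASSES):
        raise ValueError("length too short to include every character type")
    alphabet = "".join(CLASSES)
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if all(any(c in cls for c in candidate) for cls in CLASSES):
            return candidate


def pool_size(password):
    """Size of the alphabet an exhaustive search must cover, judged by
    which character types appear in the password."""
    return sum(len(cls) for cls in CLASSES if any(c in cls for c in password))


def search_space(length, pool):
    """Number of possible passwords of exactly this length."""
    return pool ** length


def years_to_exhaust(length, pool, guesses_per_second):
    """Worst-case time to try every candidate at an assumed guess rate."""
    return search_space(length, pool) / guesses_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    RATE = 1e10  # assumed guesses per second, not a measured figure
    print(search_space(1, 10))              # the one-digit example
    print(years_to_exhaust(6, 26, RATE))    # six lowercase letters
    pw = generate_password(16)
    print(pw, years_to_exhaust(len(pw), pool_size(pw), RATE))
    print(math.log2(search_space(16, 94)))  # size of the space in bits
```

Raising the assumed rate shortens every estimate in proportion, which is the effect of faster hardware mentioned above.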

Finally, one last tip about password security which is not directly related to choosing a password but still as important:

Do Not Store Your (Financially Critical) Passwords

If you have the habit of storing your passwords online or offline, you should seriously reconsider it or at least do it in a secure way. While it may not be a big issue to lose your password for a random forum that you wouldn't care much about if your password was stolen, the situation is different when it comes to financially, personally or business-wise critical websites and platforms.

For example, you wouldn't want to store the passwords of your bank accounts, your payment transfer services such as PayPal, or your business services such as hosting, domain registrar, email marketing service and the like in an easily accessible place. Even if you store them in a password-protected folder or file on your computer, your computer may get stolen, or it may get infected with malware that sends such information to third parties, which you wouldn't want to happen.

If you have to store your passwords, either use trustworthy password storage software or use a cipher system that would make sense only to you. I personally do not enjoy using software to store my passwords because I will never know if I can 100% trust it, and it will only add another security layer that might be breached by a knowing person.

What I prefer to do with my own passwords is to divide them into two categories: less critical and highly critical. I store less critical passwords using a cipher system that only I know of. I do that by adding some random number of randomly chosen characters to the beginning and to the end of the password. In the unlikely event that anyone sees them, the passwords will never work and they will never know the right number of characters to target. For the highly critical passwords, I simply don't store them. I memorize them and use them as needed.

Keep these important factors that contribute to password security in mind when creating highly secure, strong passwords for your existing and future accounts.
