Safe Passwords are Long, Random, and Unique

We are inundated with passwords. The more online accounts you have, the more passwords you need and the greater your risk exposure. Which of the following types of accounts do you have? Are you using a strong, unique password for each account?

  • Online banking
  • Email
  • Microsoft, Google, or Apple accounts
  • Online games
  • Online shopping websites
  • Online dating services
  • Online music services
  • Social media accounts

Strong, unique passwords are the first step to online safety

Strong passwords are long strings of random characters or passphrases that use a long list of unrelated words.

Unique passwords are different for every online account. If you are the victim of fraud, unique passwords limit the damage to one account.

Length. Randomness. Uniqueness.

  • At the very minimum, a strong password is 8 characters long and mixes lower- and upper-case letters, numbers, and special characters. This minimum length has changed over time as computers and computing power have increased dramatically. Your best bet is to go with a much longer password for important accounts, like your email and banking account. Go for 12 or more characters for safety.
  • Randomness means not using known phrases, addresses, birth or anniversary dates, or any other information that can be found using a simple internet search. Too many hacks are successful simply because a hacker perused social media and tried some combination of dates and pet names.
  • Use a unique password for each online account to limit potential damage. If one account is hacked, the hacker cannot use the same information to access other accounts. If you fall victim to a phishing scam and mistakenly reveal a password, or if a database with your password is hacked, only one of your accounts is at risk.

Every word and phrase from every song, movie, religious book, dictionary, Wikipedia, and popular meme has already been hacked and is unsafe to use. Make your passwords long, random, and unique!

Passphrases are good too

A passphrase is simply a random combination of words that, together, make no sense. You can do this by randomly selecting words from a dictionary and making sure to choose nouns, verbs, and adjectives that are unrelated. You can also search for an online password generator. The passphrase “skimmed quickness ozone problem” would take centuries to crack. The passphrase “Reward Size Neglect Sheep Spill Least 8” would take many more centuries because it is longer and includes a number. The benefit of passphrases is their ease of use. It’s simply easier to type them in.
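The random word selection described above, as an added example that is not part of the original article: it draws words with a cryptographically secure generator and estimates the resulting entropy. The sample word list is constructed and far too small for real use, and 7776 is an assumed list size (6^5, the size of a five-dice word list); the estimate assumes the attacker knows the list and that every word is chosen uniformly.

```python
import math
import secrets

# Constructed sample list for illustration only. A real list should hold
# thousands of words so that each word adds meaningful entropy.
SAMPLE_WORDS = [
    "skimmed", "quickness", "ozone", "problem", "reward", "size",
    "neglect", "sheep", "spill", "least", "candle", "harbor",
    "velvet", "orbit", "thistle", "magnet",
]


def generate_passphrase(words, count=4, sep=" "):
    """Pick `count` words independently using the OS CSPRNG (secrets module)."""
    unique = sorted(set(words))  # duplicates would skew the distribution
    if len(unique) < 2:
        raise ValueError("word list needs at least two distinct words")
    if count < 1:
        raise ValueError("count must be at least 1")
    return sep.join(secrets.choice(unique) for _ in range(count))


def entropy_bits(pool_size, count):
    """Entropy in bits when `count` items are drawn uniformly from a pool."""
    if pool_size < 2 or count < 1:
        raise ValueError("need pool_size >= 2 and count >= 1")
    return count * math.log2(pool_size)


def words_needed(pool_size, target_bits):
    """Smallest number of words that reaches `target_bits` of entropy."""
    return math.ceil(target_bits / math.log2(pool_size))


if __name__ == "__main__":
    print("sample passphrase:", generate_passphrase(SAMPLE_WORDS))
    # The 16-word sample list yields only 4 bits per word.
    print("4 words, 16-word list:   %.1f bits" % entropy_bits(len(SAMPLE_WORDS), 4))
    # Assumed 7776-word list: about 12.9 bits per word.
    print("4 words, 7776-word list: %.1f bits" % entropy_bits(7776, 4))
    # Comparison: 12 random characters from the 94 printable ASCII symbols.
    print("12 random characters:    %.1f bits" % entropy_bits(94, 12))
    print("words to match that:     %d" % words_needed(7776, entropy_bits(94, 12)))
```

The numbers show why both list size and word count matter: human-picked words or a short list give far less entropy than the word count suggests.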

Memorable passwords

You can create personally memorable passwords too. Recall an experience, create a long sentence describing the experience, and use it to create a password you can remember. For instance, take the sentence “Mary and I had a wonderful time water skiing with the 7 grandkids.” I can create a password using the first letters and some imagination: “M+Ihawtwswt7gk.” Or some version of that.

Passwords that practically guarantee you’ll be hacked

You can buy (or download for free) massive databases of passwords that have already been hacked. Never use a password that includes the following:

  • Any word in the dictionary (unless used as a part of a strong passphrase).
  • Any phrase from a book, song, or religious text.
  • Numbers or words that have significance for you. (You are not the only one who knows your birthday!)
  • Numbers or words related to the site you are logging into. (No using “facebook” as part of the password for your Facebook account!)

Sequential numbers, known words, and short passwords are all relatively easy to hack. What’s more, once a hacker knows who you are and has one of your passwords, they’ll certainly try that same password to get into your other accounts. Using the same password for multiple accounts is the equivalent of handing them a master key to your life.

Password managers make it easy

I strongly recommend using a password manager to help manage your passwords. It’ll help you cut through the complexity and hassle of managing passwords. Password managers can create strong passwords, autofill forms for you, warn you when your passwords are weak or compromised, and much more. Then, add Multi-Factor Authentication (2-step verification) to your accounts for nearly impenetrable security.

Review Questions

What are the three characteristics of a strong password?

The three characteristics of a strong password are length, randomness, and uniqueness.

What is a passphrase, and how is it created?

A passphrase is a random combination of words that, together, make no sense. It is created by randomly selecting words from a dictionary and making sure to choose nouns, verbs, and adjectives that are unrelated.

What is a password manager, and how can it help manage passwords?

A password manager is a software tool that can help create and store strong and unique passwords for each online account. It can also autofill forms, warn you when passwords are weak or compromised, and offer Multi-Factor Authentication (2-step verification) for added security.
