How secure is my password? A guide to staying safe online

Many people use basic sentences and common words for their passwords, which is far from secure. Many websites and platforms don’t require users to create truly secure passwords, either

So, ​​how do you know if your password is strong enough?

In this blog post, you’ll learn why long and truly random passwords are better than a single common word, why you shouldn’t reuse passwords, and how to make password creation and management as easy as possible via password managers.

3 signs that your password isn’t strong enough

Let’s begin with three easy ways to determine whether your password is secure or not.

It’s a common password

The most popular password in the US in 2023 was 1 2 3 4 5 6 despite the fact that it only contains six sequential numbers. As many as 70% of the passwords on 2023’s list can be cracked in less than a second. Scary, huh?

Passwords shouldn’t be a single common word because cybercriminals often use a “dictionary attack” to try to breach passwords. This type of attack is conducted by trying out predictable and frequently-used passwords until the attacker gets a perfect match.

Dictionary attacks often work because many people use memorable words or phrases as passwords. To protect yourself from this type of attack, you should use a random combination of numbers, special characters, and uppercase and lowercase letters. Utilizing passphrases here (a series of real but unrelated words) is an equally secure option.

With every new character you add to the random password, the time it takes to crack it becomes increasingly longer.

You should familiarize yourself with the list of common passwords online, like p a s s w o r d 1 2 3 and q w e r t y , and avoid them. The easiest way to do this is by using a strong password generator like the one that’s built into 1Password.

It’s too short

Most authorities recommend having a minimum of 12-character passwords (but longer is always better).

The days of using your last name and birth year as your password (and keeping your information and online accounts secure) are long gone.

Today, we recommend using a strong and unique password that’s at least 16 characters long. Passwords with 16 characters (letters only) are 8 million times harder to crack than passwords with 12 characters (letters only).

We know that’s a lot to remember: 100+ accounts that need unique passwords x 16+ characters each = way too much to remember on your own.

That’s where 1Password comes in and saves the day. (More on that later!)

It contains personal information

Even though personal information is easy to remember, it’s dangerous to use it as inspiration for your passwords.

Why? Many people share this same information online, sometimes without realizing it. For example, they might share their date of birth on their X (formerly Twitter) profile page, or tag their family and friends in publicly-visible Instagram posts. If you use that information for your passwords, you’re leaving your accounts and personal information vulnerable.

If an attacker figures out your password this way, they may try to use it to access your social media and personal accounts, business accounts, or banking accounts.

To ensure our online security, we have to be aware of our shortcomings and how to prevent major breaches.

So if you’re wondering, “how can I strengthen my passwords?” read on.

Once you implement the tips in this guide, you’ll understand why these points are essential and feel more confident about your password security.

How to improve the strength of your passwords

Whether you’re looking for software to generate a secure password or create one yourself, these key points are important.

Understanding the principles of password security will help you know how to implement them for your future passwords quickly. Once you grasp them, you can teach them to your family, friends, or coworkers.

Passwords vs. passphrases

To start, we need to explain that there are two routes to creating strong passwords.

We’ve discussed passwords – combinations of letters, numbers, and symbols (special characters) in random arrangements of at least 12–16 characters.

Passphrases are real but random words (usually at least four) strung together with or without spaces that don’t form a sentence or make sense together.

For example: b a l l - m o o n - m a r k e t - f l u s h would be a passphrase. The words make no sense together and would never be seen together in written text like a book or article. This randomness makes it extremely difficult for a hacker to crack while remaining easy to remember if you don’t use a password manager.

Keep passwords random

If you don’t need to memorize a password (for example, because you use a password manager), you can use one that looks something like this: T K r a w n T 1 u h k 6 3 q J T a r 7 d .

As we mentioned earlier, randomly generated passwords for all of your accounts are more secure. What are the different ways to create randomness? You can use:

• Real but unrelated words to create a random passphrase.
• A random assortment of characters.

And don’t neglect unused accounts. Update your accounts to avoid the potential for identity theft or phishing attempts.

Longer passwords are more secure

The longer the password, the harder it is for a cybercriminal to guess or crack with a brute-force attack.

With every new character that’s added to the password, it becomes more secure. If your password is random, the difference between 8- and 10-character passwords is immense.

The exact length depends on:

• If you’re creating a password or passphrase (passphrases need to be longer).
• If you’re using any numbers or special characters.

However, length doesn’t factor in if you use something predictable, like a first + last name.

Let us give you a side-by-side comparison. We’ll use a password strength checker and a password generator.

An 8-character password, q ^ F h K 9 W t can be cracked within eight hours, according to the strength checker.

What about numbers and special characters?

Numbers and special characters will make your password more random – and therefore more secure. But they’re not the only way to create a strong password. You can also strengthen your password by increasing its length. The longer your password is, the more secure it is. However, length is the most important trait. The longer your password is, the more secure it is.

Examples of strong passwords

A picture’s worth a thousand words, right? So, let’s look at some examples of strong passwords.

Passwords

1. ^ q : 6 v x 8 > J F 2 9
2. 7 r 4 E H m w x 6 q Y W c p f X N e C P j p Z 2
3. N k z # F - h U E g D g o k x h h m T w y . p j

These examples include a combination of different rules. The second password example doesn’t include special characters. The third has no numbers. Both ensure strength through length and randomness.

Passphrases

1. P u b - o b d u r a t e - q u a n d a r y - c i c e r o n e - h a u b e r k - d i a b e t e s
2. g a r d e n - f i r e - t a b l e - f r i e n d - c a n d l e - q u e s t i o n
3. S w o r d - b r e a d - k e y b o a r d - s e c u r i t y - c h a i r - k e y h o l e

Passphrases include words, but the chances of them appearing naturally in texts are close to zero. This provides advanced security while being memorable.

How to create strong passwords

There are many ways to construct a strong and unique password. But the two core ingredients are length and complexity. That means:

• Adding more characters, and/or
• Increasing the variety of characters (numbers, special characters, and a mixture of upper and lowercase letters)

Here’s one example recipe for creating a strong password:

• At least 12 characters long (the longer, the better)
• Contain at least one of each of the following:
• One upper-case letter [A-Z]
• One lowercase letter [a-z]
• One number [0-9]
• One special character: [~`!@#$%^&*()-_+={}[]|;:”<>,./?]
• Doesn’t contain personal information
• Isn’t a common password

Still worried about the strength of your password? With 1Password’s online Strong Password Generator, you can generate strong passwords in seconds.

That way, each one can be unique and random.

Plus, you can use 1Password to store them, so you won’t have to remember them all.

The most secure password manager implements advanced encryption, zero-trust architecture, and multi-factor authentication on the user side. For example, 1Password’s privacy policies guarantee that they can’t even access your passwords. It’s worry-free security.

Stay safe online with strong passwords

As we spend more and more time online, it’s clear that strong passwords are increasingly important.

Why? It’s the first defense in protecting your digital identity and personal information from data breaches.

Following the simple practices outlined above‌ – embracing complex, random combinations, and avoiding common phrases – turns the process of creating a strong password from a tedious task into an everyday habit.

Use these strategies to fortify your online presence, ensuring that your cybersecurity is as resilient as it is straightforward.

Need help along the way? Download our beginner’s guide to cybersecurity.

1Password