- Length. Make your passwords long with eight or more characters.
- Complexity. Include letters, punctuation, symbols, and numbers. Use the entire keyboard, not just the letters and characters you use or see most often. The greater the variety of characters in your password, the better. However, password hacking software automatically checks for common letter-to-symbol conversions, such as changing "and" to "&" or "to" to "2."
- Variation. To keep strong passwords effective, change them often. Set an automatic reminder for yourself to change your passwords on your email, banking, and credit card websites about every three months.
- Variety. Don't use the same password for everything. Cybercriminals steal passwords on websites that have very little security, and then they use that same password and username in more secure environments, such as banking websites.
Here are some suggestions that might help you remember it easily:
|What to do||Example|
|Start with a sentence or two.||Complex passwords are safer.|
|Remove the spaces between the words in the sentence.||Complexpasswordsaresafer.|
|Turn words into shorthand or intentionally misspell a word.||ComplekspasswordsRsafer.|
|Add length with numbers. Put numbers that are meaningful to you after the sentence.||ComplekspasswordsRsafer2011.|
Avoid common password pitfalls
Cyber criminals use sophisticated tools that can rapidly decipher passwords.
Avoid creating passwords that use:
- Dictionary words in any language.
- Words spelled backwards, common misspellings, and abbreviations.
- Sequences or repeated characters. Examples: 12345678, 222222, abcdefg, or adjacent letters on your keyboard (qwerty).
- Personal information. Your name, birthday, driver's license, passport number, or similar information.