By now, we all know that the word “password” is a terrible password. But why? Because it’s easy to guess? There’s actually more to it than that. There are a lot of passwords out there as simple for hackers to crack as just the word “password,” because hackers are relying on various programs to break into your accounts, including programs that just go through the dictionary, filling in literally every word until they get one that works. And once they have one password, they’re more likely to gain access to more than one account, since 83% reuse the same password for multiple accounts.
So then, what are some ways to tell a weak password from a strong password and avoid some program figuring out your password and handing over your private information to some hacker in a dark room? Let’s take a look at the criteria for both kinds of passwords so you know what to avoid, and what are considered best practices in an increasingly account-driven online world.
What makes a weak password?
What makes a strong password?
If you’re concerned about remembering your password, you have a few options:
For example purposes only, we recommend you use these principles to create your own formula:
2. Now replace one letter with a number or symbol:
3. Now, choose two letters from the domain name of the site you’re creating an account for. We’ll use www.viptsg.com as an example, and we’ll choose the first and second letters–you can choose the second and third letters, or third and fourth, or first and last, whatever works for you–and capitalize them, so for us, that’s “VI” and add those to the first part of the formula:
4. Next, add another symbol, this will be the symbol you use every time:
5. Lastly, add a number that will be easy for you to remember, but avoid your birthday or anniversary:
V!pVI@89 this would be our password for viptsg.com using our formula.
Say we were creating a password for Outlook instead, the password would then become V!pOU@89. The only part of the formula changing are the two capital letters that we’re using from the domain.
By applying a rule to every account password you create or replace, you’re only having to remember the formula, but you have a different–and most importantly, secure–password for every account.