We recently posted The Washington Post's Eight smart ways to strengthen your password
on Baroan's Facebook page and it was one of our most popular of the month. Since the list is in video form, we've transcribed it below and added further information from a few additional sources.
- Longer is better. Passwords should be no less than 8 characters long, but between 14 and 25 is ideal.
- Forget the alphabet. Adding numbers and symbols makes passwords more complex and harder to guess.
- Make up new words. Symbols and numbers aren't enough. Avoid known words to make a password harder to crack.
- Use characters instead. Replace some of the letters with similar-looking characters that are easy to remember.
- Kep it random. Names of people, pets, places, zip codes, birthday and addresses can all be looked up.
- Change it up. Try not to use the same password on more than one account. That way, if hackers breach one account, the rest are still secure.
- 2-Step. Sites like Twitter and Gmail allow 2-step verification, meaning they will text you a random code as an extra step in the login process.
- Try a password manager. If codes are too much to remember, sites like LastPass and RoboForm store your passwords for you , and let you access sites using one code. (Some of the Baroan engineers use these.)
- Don't include your username, real name, or company.
- Make it significantly different from previous passwords.
- Create an acronym from an easy-to-remember piece of information.
- Substitute numbers, symbols, and misspellings for letters or words in an easy-to-remember phrase.
- Relate your password to a favorite hobby or sport.
- Example: ILuv2PlayB@dm1nt()n.
If you need to write down your password to remember it, do not label it as your password and keep it in a safe place (not taped to your computer). Also keep in mind when it comes to site accounts for email, shopping, social media, etc., if the site holding your complex password stores it in plain text without encryption—the complexity is meaningless.