What Should My Password Be?
We’ve all been there: you’re signing up for another account on another website, and you’re asked to create a password. Easy, you think, and you type in “password.” The website rejects this: it’s not strong enough! Never fear, though—you have a backup password for situations like these. You type in “john123”. . .and get rejected again. These days, it feels like every website wants an extremely complicated password. Uppercase, lowercase, symbols, numbers. Must be the length of the Declaration of Independence.
While these requirements can feel frustrating and needlessly complicated, these websites are actually onto something. Passwords are like the code to a safe, protecting your vital information. You wouldn’t leave your safe unlocked, and neither should you leave your accounts unsecured.
This is because bad actors have made password cracking an art. In 2022, over 24 billion passwords were exposed by hackers, and over 80% of these confirmed breaches were related to weak or reused passwords. The level of threat associated with having a weak password necessitates that we use a strong one!
When creating a password, a completely random one will always be your most secure bet— if you can remember it. A hacker will obviously not be able to guess a completely random password. The longer your password, the better.
Since these are not easily remembered, though we understand that these are always accessible to everyone. As such, here are some of our tips for creating more secure passwords that you can still remember:
Passwords should not include information which can be readily found online, or information that an acquaintance could easily learn about you. “Fido1989” or “Dianne2004” may be easier to remember, but even a cursory glance at your social media could yield your dog’s name, your anniversary, your spouse’s name, or the year you graduated. When you use these details in your password, you may be making them easier to remember, but you are also making them easier to guess. In the same vein, your password should not include any part of your legal name or your birthday. You may feel that “leetspeak” will help create a foolproof password, but most hackers know to try this too.
Have you ever seen a movie or show where the characters mocked someone for making the word “password” their password? It is such a common practice that it’s even become a joke on TV! This is a very poor password, and will be one of the first passwords a hacker or bad actor might guess. We do not recommend using this word as your password—even if you include numbers! “Password123” will not keep your account safe.
What can you use as a password, then? It’s recommended that you choose a 12-20 character password which includes a mixture of numbers, uppercase letters, lowercase letters, and symbols. For example, instead of “Anniversary2001,” try “l0vE.bErm.Uda@2001,” in honor of where you went for your honeymoon. This will be easier to remember than a totally random password, but the symbols, capitalization, and word choice render it meaningless to a hacker.
While a totally random password, such as “0_;nY9y/vFBP7n00AzZs” is your safest bet, you should also consider having a different, random password for every website you use. Overwhelming, right? If you choose to take this path, there are services that can simplify that process for you.
Password manager programs will keep and store all your passwords in a large digital database, allowing you to create random passwords and store them online. You may even have one built into your smartphone! These services would supply passwords when you try to log in, and the only password you would need to memorize would be the password to the service. Think of it as only needing to store one singular key to a room full of other keys!
In the password debate, there is one final, age-old question: should you write down your passwords? While the 100% most safe answer would be “no,” memorizing dozens of unique passwords is simply not an accessible option for most people. Writing down your passwords may allow you to make them stronger, and this is worth it in the long run. As such, writing down your passwords and keeping them in one secure location (a safe, for example) is a relatively safe option.
And, while this may seem like a good idea, you may want to reconsider keeping a list of passwords in your smartphone notes app or your contacts app—if someone broke into your phone, they would have access to all of your apps, as well as all of your associated passwords!
The internet can feel like an intimidating place, but by creating strong passwords, you can make it a lot safer!
Library programs are free and open to the public, and we are committed to providing technology education to the public. To register for library programs, please visit our online calendar at attend.citruslibraries.org/events or call your local library branch. To stay in the know about upcoming programs and events, follow @CitrusLibraries on Facebook and Instagram.