What Makes a Password Secure?

Janis von Bleichert

Nowadays, you need a password for almost every piece of software, app, or online account you use. Passwords protect your personal data, but only if they're strong enough and not easily guessed. So, what makes a password secure, and what should you avoid when creating one?

What You Shouldn't Use As a Password

Your phone number

Your date of birth

The names of your children or pets

Simple patterns of numbers and letters such as 12345, 888888, ABCDE or asdfgh

It's also advisable not to use any part of your name or the names of your closest family members or friends. The same goes for email addresses. Avoid any information that is obvious or publicly accessible, since it can easily be found out.

You also shouldn't rely entirely on your phone's Face ID or fingerprint sensor. Even though they are encrypted, they cannot take the place of a secure password. And if your phone is lost or stolen, you'll need passwords to access your online accounts anyway.

What Does a Secure Password Look Like?

It has a minimum of eight characters

Features both upper- and lowercase letters

Contains several numbers

Includes special characters like %, $, or @

The best passwords are those that don't make any sense, at least not at first glance. But how do you remember them? There's a simple trick: Think of a sentence that you can easily remember and make sure it includes numbers.

For example: "I like to eat cake at 8 o'clock at night."

Now, take the first letter of each word (and the 8) to get Ilteca8oan. To make it even more secure, replace the first "at" with "@", like this: Iltec@8oan.

This technique can be used for any app that you have, adjusting each password to that account. For an e-book app, you might create a sentence like "I love reading 3 books at once when I'm at the beach" (Ilr3baowI@tb). It goes without saying that you should think up your own sentences and not simply use these examples.
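
The two lists above (what to avoid and what a secure password contains) can be turned into an automated check. The following Python sketch is an added example, not part of the original article or of any EXPERTE.com tool; the function names, the QWERTY keyboard rows, the four-character pattern window and the `min_digits` default are assumptions (the article says "several numbers" without giving a count, and its own examples contain one digit).

```python
import re
import string

KEYBOARD_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm")  # assumption: QWERTY layout

def has_simple_pattern(pw, run=4):
    """Detect runs such as 12345, 888888, ABCDE or asdfgh anywhere in pw."""
    low = pw.lower()
    for i in range(len(low) - run + 1):
        window = low[i:i + run]
        steps = {ord(b) - ord(a) for a, b in zip(window, window[1:])}
        if steps in ({0}, {1}, {-1}):  # repeated, ascending or descending
            return True
        if any(window in row or window[::-1] in row for row in KEYBOARD_ROWS):
            return True
    return False

def personal_fragment(pw, personal, min_len=3):
    """Return the first fragment of a personal detail found in pw, else None."""
    low = pw.lower()
    for item in personal:
        # Split "2015-06-01" or "anna@example.com" into letter and digit runs.
        for part in re.findall(r"[a-z]+|\d+", item.lower()):
            if len(part) >= min_len and part in low:
                return part
    return None

def check_password(pw, personal=(), min_digits=1):
    """Return a list of problems; an empty list means every check passed."""
    problems = []
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    if not (any(c.islower() for c in pw) and any(c.isupper() for c in pw)):
        problems.append("needs both upper- and lowercase letters")
    if sum(c.isdigit() for c in pw) < min_digits:
        problems.append(f"fewer than {min_digits} digit(s)")
    if not any(c in string.punctuation for c in pw):
        problems.append("no special character")
    if has_simple_pattern(pw):
        problems.append("contains a simple pattern")
    hit = personal_fragment(pw, personal)
    if hit:
        problems.append(f"contains personal detail: {hit}")
    return problems

if __name__ == "__main__":
    # Constructed sample details; the first password is the article's example.
    details = ["Bello", "2015-06-01"]
    for candidate in ("Iltec@8oan", "asdfgh", "Bello2015!x"):
        print(candidate, check_password(candidate, details))
```

An empty result only means the rules listed in this article are met; it says nothing about whether the password has appeared in a data breach.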

How Many Passwords Should You Have?

To give yourself the maximum amount of protection, you should have a unique password for every online account. However, this is a challenge since the average person has between 70 and 100 digital accounts.

One solution is to generate different passwords for different types of applications, such as email accounts, newsletters, social media, or shopping, by using the method we described earlier. However, the more unique passwords you have, the more secure you are.

Our Tip

Never use a single password for all of your platforms and apps!

The method recommended by experts is to utilize a password manager. Such apps securely store and encrypt all of your passwords in a digital vault that is protected by a single master password. For more information about these, be sure to check out our comprehensive evaluation of some of the most popular password managers.

Checklist for a Secure Password

Never write your password down on a piece of paper and affix it to your computer monitor, or place it in your wallet.

Never give out your passwords over the phone. Legitimate companies will never ask for the password to your account. At the most, they might query you for a secret phrase or the last four characters of your password, but that's it.

Password Check

Use the EXPERTE.com Password Check to assess the strength of your passwords. It evaluates how long it would take a computer to crack your password, as well as whether your password has been affected by a data breach in the past.

Author Janis von Bleichert
Janis von Bleichert studied business informatics at the TU Munich and computer science at the TU Berlin, Germany. He has been self-employed since 2006 and is the founder of EXPERTE.com. He writes about hosting, software and IT security.