What Makes a Password Secure?

Janis von Bleichert

Nowadays, you need a password for almost every software, app, or online account you use. Passwords protect your personal data, but only if they're strong enough and not easily guessed. So, what makes a password secure, and what should you avoid when creating one?

What You Shouldn't Use As a Password

Your phone number

Your date of birth

The names of your children or pets

Simple patterns of numbers and letters such as 12345, 888888, ABCDE or asdfgh

In addition, it's also advisable not to use any part of your name or those of your closest family members or friends. The same goes for email addresses. Any information that is obvious or publicly accessible should also be avoided since it can easily be found out.

You also shouldn't rely entirely on your phone's Face ID or fingerprint sensor. Even though they are encrypted, they cannot take the place of a secure password. And if your phone is lost or stolen, you'll need passwords to access your online account anyways.

What Does a Secure Password Look Like?

It has a minimum of eight characters

Features both upper- and lowercase letters

Contains several numbers

Includes special characters like %, $, or @

The best passwords are those that don't make any sense, at least not at first glance. But how to recall these? There's a simple trick: Think of a sentence that you can easily remember and make sure it includes numbers.

For example: "I like to eat cake at 8 o'clock at night."

Now, take the first letter of each word (and the 8) to get Ilteca8oan. To make it even securer, replace the first "at" with "@", like this: Iltec@8oan.

This technique can be used for any app that you have, adjusting each password to that account. For an e-book app, you might create a sentence like "I love reading 3 books at once when I'm at the beach" (Ilr3baowI@tb). It goes without saying that you should think up your own sentences and not simply use these examples.

How Many Passwords Should You Have?

To afford yourself the maximum amount of protection, you should have a unique password for every online account. However, this is a challenge since the average person has between 70-100 digital accounts.

One solution is to generate different passwords for types of applications, such as email accounts, newsletters, social media, or shopping by using the method we described earlier. However, the more unique passwords you have, the more secure you are.

Our Tip

Never use a single password for all of your platforms and apps!

The method recommended by experts is to utilize a password manager. Such apps securely store and encrypt all of your passwords in a digital vault that is protected by a single master password. For more information about these, be sure to check out our comprehensive evaluation of some of the most popular password managers.

Checklist for a Secure Password

Never write your password down on a piece of paper and affix it to your computer monitor, or place it in your wallet.

Never give out your passwords over the phone. Legitimate companies will never ask for the password to your account. At the most, they might query you for a secret phrase or the last four characters of your password, but that's it.

Password Check

Use the EXPERTE.com Password Check to assess the strength of your passwords. It evaluates how long it would take a computer to crack your password, as well as whether your password has been affected by a data breach in the past.

Author: Janis von Bleichert
Janis von Bleichert studied business informatics at the TU Munich and computer science at the TU Berlin, Germany. He has been self-employed since 2006 and is the founder of EXPERTE.com. He writes about hosting, software and IT security.
Other languages:
Deutsch Italiano 
More about IT-Security
Cyber Attacks - 3 Current Threats and Countermeasures
HDD and SSD - How to Safely Wipe Your Hard Drive
Phishing: Recognizing the Threat
Data Theft: What Is It? How Can I Protect Myself?
Best Password Manager - 12 Tools Reviewed
How To Remove Junk Files From Your Windows PC
VPN Leak Test - Is Your Private IP Public?
Browser Fingerprinting - What Is It and How Can I Protect Myself?
Best VPN - Review of 22 VPN Providers
Internet Censorship - Site Blocked in China, Russia or Turkey?
Password Generator - Generate a Secure Password
Browser Privacy Check - Which Traces Do I Leave on the Web?
Password Checker - How Secure Is My Password?
Darknet - What Is It and How Can I Access It?
Data Breaches - What Is a Data Leak? Have You Been Affected?
Internet Pitfalls - The 7 Biggest Dangers Online
Data Recovery - Restoring Deleted Files
Secure Messengers - The 5 Best Alternatives to WhatsApp
Anonymous Search Engines - 3 Alternatives to Google
Doxing - What It Is and How You Can Protect Yourself
Privacy Browsers: The Best Browsers for Maximum Security
Two-Factor Authentication - This is how you secure your accounts
Ad Blocker - How to Protect Yourself From Annoying Ads
Do Not Track - What It Is and How It Can Protect You
Manage Passwords - Best Way to Store Passwords
Anonymity Online: Tor and the Tor Browser
Identity Theft on The Web – How To Protect Yourself
Best Cloud Backup - 7 Online Backup Providers Reviewed
Best Antivirus Software - 11 Programs Reviewed
How To Change Your IP Address - 3 Simple Ways
Email hacked? How To Find Out if Your Email Has Been Hacked
Anonymous Browsing - How to Surf Anonymously Online
Hide IP - How to Hide My IP Address