What Makes a Strong Password Secure?

Janis von Bleichert

Nowadays, you need a password for almost every software, app or online account you use. That protects your data but only if a password is strong enough and can't be easily guessed. So, what make a secure password, and what should you avoid?

What You Should Definitely Avoid When Creating a Password

Your personal phone number

Your date of birth

The names of your children and pets

Simple patterns of numbers and letters such as 12345, 888888, ABCDE or asdfgh

Neither should you use your own name or that of your closest family members or friends as your password. The same goes for email addresses. Personal details that are too obvious (and publicly accessible) can easily be identified.

Don't rely on your phone's Face ID or fingerprint reader alone. Those are encrypted, but they don't replace a secure password. And if you lose your phone or have it stolen, you'll need passwords to your online accounts anyway.

What Does a Secure Password Look Like?

The standard today is eight characters minimum

You should incorporate both lower- and upper-case letter

You should definitely use numbers as well

It's recommended that you use special characters like %, $ or @

The best passwords are those that don't make any sense, at least not at first glance. But how do you remember a password that makes no sense? By using a simple trick: Think of a sentence that you can remember easily. Make sure it includes numbers.

For example: "I like to eat cake at 8 o'clock at night."

You can now turn that into a simple password by using the first letter of each word., in this case Ilteca8oan. You can make it even securer by replacing the word "at" with a "@", like this: Iltec@8oan.

You can use that technique for every app you use and adjust sentences according to the app's features, like "I love reading 3 books at once when I'm at the beach" (Ilr3baowI@tb) for your e-book app. It goes without saying that you should form your own sentences and not adopt these examples.

How Many Passwords Should You Have?

You're best protected when using a unique password for every online account you have. That's not always easy, because we're all using a plethora of different applications that demand a password from us.

You can generate different passwords for different kinds of applications such as email accounts, newsletters, social media or shopping by using the method we described earlier. But again: The more passwords you have, the better protected you are.

Our tip

Don't ever use one single password for all your platforms and apps!

The best method, recommended by experts, is to use a password manager. That's an app that lets you store all your passwords securely and encrypted behind a single master password. Check out our comparison of different available password managers.

Checklist for a Secure Password

Never write down your password on a piece of paper that you then stick to your computer monitor or keep in your wallet.

Don't ever mention your passwords on the phone. Legitimate companies will never ask you for the password to your account. They might ask you for a secret phrase or the last four characters of your passwords, but never the whole thing.

Password Check

Use the EXPERTE.com Password Check to test your password's security. We check how long it takes a computer to crack your password. We also check whether your password has been affected by a data breach in the past.

Author Janis von Bleichert
Janis von Bleichert studied business informatics at the TU Munich and computer science at the TU Berlin, Germany. He has been self-employed since 2006 and is the founder of EXPERTE.com. He writes about hosting, software and IT security.
Other languages:
Deutsch Italiano