How To Create Strong Passwords (2017 Edition)

It’s more important than ever to make sure you’re using strong, unique passwords. Passwords are one of your main defenses against computer viruses, account hijacking, and other Internet threats.

Several major sites have experienced security incidents over the last year. Hacks from years ago are still having repercussions in the present because people keep re-using old passwords. Never re-use passwords! Create passphrases that are at least 12 characters long and different on every site. Use two-factor authentication where available. You’ll find more details on this below.

Why You Need Strong, Unique Passwords

Many people say to me, “I don’t need a secure password. I don’t have anything sensitive on my computer, so I don’t care if a hacker gets in.” You, my friends, are a hacker’s dream. Because it’s not necessarily your personal information they want, although they’ll happily steal your credit card info if they can. No, what they really want is control of your computer, your email address, your Facebook page… anything and everything that will let them do their dirty work from behind a smokescreen.

Selling account details can be a lucrative business. Don’t let complacency make you a target.

Strong passwords must be:

  • Not in use on any other system
    This is perhaps the biggest no-no in the password rulebook. When hackers nab passwords, they try the same account/password combinations on popular sites like Google, Facebook, Twitter. If you’re using the same password you just let them in. Do not ever, ever, ever use the same password anywhere. Before you despair, keep reading. There are tools to make it easier.
  • Changed regularly
    Yes, you have to change your passwords. And yes, they still have to be different everywhere. In fact this is one of the best things you can do to secure your passwords. Use a password management tool if you need help keeping track of everything (see below).
  • 12 characters or longer
    Think passphrase rather than password. The longer and more complex a password is, the less likely it can be cracked. A few sites may not let you use a password as long as 12 characters, so use the longest password you can.
  • A mix of upper- and lowercase letters, numbers, and symbols
    Some systems won’t allow you to use a range of characters in your password, in which case I suggest you reconsider using that site. Do you really trust someone who isn’t going to allow you to secure your account properly? Makes you wonder how secure everything else on the site is.
  • Not common words or proper nouns found in a dictionary
    Here’s a list of the 25 worst passwords, updated for 2016. If your passwords sound like these, change them now.
  • Not the names of your spouse, kids, pets, or other personally identifying information
    Don’t create passwords out of information that can be gleaned about you, and don’t share information that can be used to guess security questions. For example, if you have pictures of your dog Fido on Facebook, and you also answer your bank’s security question “What’s your dog’s name?” with “Fido,” guess what? You have just given a hacker potential access to your bank account.

Examples of good and bad passwords

Good passwords (but don’t use these!)

AP@ssw0rdIJustMADE!UP!4U
Here’sAnOtHeR1FOR$You

Bad passwords

password
password1
password!
123456
<blank>
mypassword
spouse’s name
pet’s name

Password Don’ts…

  • Don’t rotate between the same two or three passwords. It’s just as bad as using the same password everywhere.
  • Don’t send passwords via sites like email, Facebook, Twitter. Use another means like text message, which goes directly to the recipient. Or even better, a phone call.
  • Don’t stick passwords on Post-It notes. Whether it’s under the keyboard or on a bulletin board, it’s exposed. Be like Gandalf: Keep it secret, keep it safe.
  • Don’t share passwords and accounts. This is especially prevalent in small businesses. Don’t create one account then share the password; create multiple accounts for each person who needs access. More time consuming? Sure. More secure? You bet.

Tools to manage your secure passwords

With a password management tool such as 1PasswordLastPass, or KeePass, all you have to remember is one master password and the software takes care of the rest. You can use the same password management tool on your computer and on your mobile devices.

Unfortunately any company can be breached by hackers and password management firms are no exception, as was demonstrated by a recent LastPass breach. In other words, passwords stored in management tools can be swept up in data breaches just like any other kind of data.

The good news is that most password managers encrypt your data, so even if hackers get hold of it, they will hopefully be hard-pressed to recover your actual passwords. That being said, you need to safeguard your master password with more vigilance than any other password you use. Please do NOT re-use your master password anywhere else! And be sure to keep another copy of your passwords somewhere safe in case you lose access to your password management tool.

Two-factor authentication

Two-factor authentication (2FA) uses a password plus another unique identifier, like a passcode messaged to your phone. This is much safer than a password alone because the second identifier is constantly changing, making it much harder to break into an account. If a site offers 2FA, you should consider using it.

However, 2FA does not make a weak password safe. Your best bet is 2FA plus an excellent password. As with a password manager’s master password, you need to make absolutely sure you have copies of your 2FA backup codes, because that’s what’s going to get you into your account if you have trouble.

Password harvesting scams

Password harvesters are everywhere. For example, you might get a spam email saying you need to update your account. This message contains links to a page that looks like the real login, but it’s really just a fake designed to steal your credentials. Similarly, password-harvesting scams can be distributed via Facebook, Twitter, and other social media sites. When in doubt, type the address for the site into your Web browser manually rather than clicking on a link.

Why not take this opportunity to change your passwords? It’s the best thing you can do to protect yourself against identity theft and cybercrime.

[Originally posted in 2010 as How To Create Secure Passwords. This version has been updated with the latest advice on secure passwords.]

 

Seven Ways To Fix A Slow Computer

Does your Windows or Mac computer seem to get slower every day? Try these seven techniques to speed up your system.

Reboot your computer
Most people know that rebooting can fix computer problems. What you may not know is that turning off the power by shutting down (called a cold boot) does a better job than simply using the restart command (a warm boot). If you hibernate your computer, you should give it a reboot now and then to clear any sleep-related snafus.

Scan for viruses and malware
Your next troubleshooting step should be to scan for viruses and malware using your usual antivirus program. Remember, some viruses can sneak past your computer’s defenses, which is why it’s important to watch what you click. Preventing viruses is easier than trying to remove them.

Run a cleanup utility
Cleanup utilities take care of little problems before they become big ones. Two of my favorites are CCleaner for Windows and Sierra Cache Cleaner for Mac. Watch out for computer viruses masquerading as cleaning utilities.

Reboot your network
If other devices are also slow, your network may be the culprit. Try rebooting by turning your router and/or modem off, then on again.

Install software updates
Updates fix bugs that can cause computers to slow down or crash. Keeping your computer updated helps to avoid these software bugs and keeps your computer more secure.

Quit apps when not in use
You should always quit apps when you’re not using them. Many people simply click out of the active window but leave the app running, which uses up extra memory and slows down your computer.

Add more memory
You may be able to add more memory to your computer. Check your manufacturer’s web site for configuration options.

Don’t forget to sign up to receive Tech Tips by email and follow Tech Tips on Facebook for the latest tech support advice for Windows and Mac.

How To Prepare Your Computer For Reuse, Recycling, Or Donation

We all need to take responsibility for disposing of our old computers properly. Instead of throwing out old electronics, please consider reusing, donating, or recycling them. Old computers can have a lot of life left, especially if the hardware is … [Continue reading]

Ways To Improve Your Wireless Network Signal

If you’ve ever suffered from slow WiFi, you’re not alone. But there are a number of easy things you can do to try to speed up your wireless network. The most common wireless problem I encounter is poor access point placement. Wireless access … [Continue reading]

Why You Need To Delete Your Old Accounts

Most people let old accounts languish. But abandoned accounts are filled with information that can be used to send spam, spread malvertising, and commit cybercrimes. For example, I frequently get email messages from people I know, but haven’t … [Continue reading]

Quick Internet Safety Tips For Kids, Parents, And Teachers

Talking with your child about Internet safety can seem overwhelming, but there are some excellent resources available to help. Here are some of the tools I use when teaching kids, parents, and schools about online safety. Basic Internet Safety … [Continue reading]

Clean Up Your Computer With These Utilities

Every computer needs a tune-up now and then. Unfortunately computer viruses often disguise themselves as cleaning programs and other utilities. You think you’re downloading a legitimate program, but you end up infecting your computer instead. Here … [Continue reading]

How To Prevent Or Remove The Windows 10 Upgrade

Just when you think Microsoft won’t stoop any lower in forcing Windows 10 upgrades on its customers, now they’ve started changing the way your computer behaves in order to trick you into accepting the upgrade. I’m referring to the X or close box … [Continue reading]

How To Prepare For A Windows 10 Upgrade

Microsoft's expiration of their free Windows 10 upgrade has PC users asking: Is it time to upgrade? Many people have delayed upgrading. That is to say, they’ve tried to delay upgrading… but Microsoft’s aggressive marketing tactics have gone from … [Continue reading]

How To Protect Your Mobile Devices From Malware

Mobile malware is on the rise, but few people maintain the same precautions on their tablets and phones that they do on their computers. Here’s what you need to do to stay protected. Mobile devices need antivirus software just like any other … [Continue reading]