Passwords

Having a strong password is often your first line of defense against a hacking attempt. Creating strong passwords for your various accounts is essential in protecting your identity, accounts, and network. On the other hand, weak passwords can make you an easy target for hacking, but so can poor password hygiene. Here's what we recommend to ensure your safety on all your personal accounts:

Do's and Dont's

A few basic rules always apply to all kinds of passwords.

• Aim for length—about 16–20 characters.
• Include numbers, symbols, uppercase and lowercase letters.
• Make a long, memorable phrase with several words.
• Use a different password for each website or service you use. This is especially crucial with your accounts for school, finances, and the government.
• Save passwords in a password manager.
• Don't recycle passwords.
• Don't use personally identifying information (nicknames, birthdays, anniversaries, addresses, etc.).
• Don't use keyboard patterns like qwertyuiop or 1234.
• Don't keep passwords written down in an unsecured place.

Strength = Variety x Length

If your password gets stolen in an encrypted form (often the case in major breaches), your best chance at avoiding decryption lies in having a long password. Every extra character in a password exponentially increases the time it will take a hacker to decrypt it. For this reason, passwords shorter than 8 characters are never safe, while passwords of 16+ characters can be nearly uncrackable. Some organizations, however, can't handle passwords past a certain character count, so here are some tips for securing passwords of varying lengths.

Pass Phrases

A pass phrase is basically a series of words, including the use of spaces if desired, that can be used instead of a single pass "word." Pass phrases are easier to remember than complex passwords. Pass phrases should be at least 16 characters in length (spaces count as characters). Longer is better because, though pass phrases look simple, the increased length provides so many possible permutations that a standard password-cracking program will not be effective. Disguising simplicity by throwing in elements of weirdness, nonsense, or randomness, will help make it more secure. For example:

pizza home cosmic spaniels
foggy tooth jazz pants

Adding punctuation and capitalization to your phrase and adding in a few numbers or symbols from the top row of the keyboard, plus using some deliberately misspelled words will create an almost unguessable password. For example:

Pizza Home Cosmic Spaniels?
P1zza 4 Hom3 Cosmik Spanielz!

Foggy Tooth Jazz Pants!
Fogggy Toooth J4zz P@nts?

Password Managers

Password managers are third-party applications that encrypt and store passwords for you—either ones you've made, or auto-generated passwords that are highly hacker-resistant. You only need to remember one password to access the others your password manager keeps—but follow the tips on this page to make it a strong one, just in case!

Popular password managers include LastPass, Dashlane, KeePass, Bitwarden, or 1Password, Always do your research before choosing a password manager.