Building an ultra-safe password in six easy steps

Building an ultra-safe password can sometimes be a hassle, but it’s usually worth it. Here are six tips that’ll help you put together the most secure passwords.

Avoid personal information

“Good passwords have nothing to do with you, your children or pets,” said Dr. Phil Polstra, Professor of Mathematical and Digital Sciences, Bloomberg University.

Hackers can easily access your social media sites to figure out your name, date of birth and the names of your relatives or pets. Try to avoid using these things as inspiration for your next password.

Make sure to alternate the caps

Similarly, using a predictable sequence puts you at risk as this is much easier for a hacker to guess.

“Put your digits, symbols and capital letters spread throughout the middle of your password, not at the beginning or end,” says Lorrie Faith Cranor, FTC Chief Technologist and Carnegie Mellon Computer Science Professor.

“Most people put capital letters at the beginning and digits and symbols at the end. If you do that, you get very little benefit from adding these special characters.”

Don’t use patterns

Patterns are frequently used as passwords and can therefore be easily guessed by hackers. These include things like “123456”, “qwerty”, “abc123” or “111111”.

“People often include a row of letters from the keyboard, because they think it looks random,” says Cranor, “but actually keyboard patterns, whether left, right, or diagonal, are among the most easily guessed passwords.”

Avoid the dictionary

Hackers can utilize software programs that scan the dictionary for possible password combinations.

Darren Guccione, CEO and Founder of Keeper Security, suggests you “avoid dictionary terms. Dictionary cracks guess passwords using lists of common passwords and then move to the whole dictionary. This is typically much faster than a brute force attack because there are far fewer options.”

Stephen Cobb, a Senior Security Researcher at ESET, agrees, saying “I prefer not to use many real words in there”. He recommends a long sentence with a collection of upper- and lower-case letters, numbers and symbols.
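The first four tips above (personal information, predictable placement of capitals and digits, patterns, dictionary words) can be checked automatically when a password is chosen. The following is an added example, not part of the original article; the function names are hypothetical and the word lists are tiny constructed samples standing in for a full dictionary and common-password list.

```python
import re

# Constructed sample data: a real checker would load a large wordlist and
# a common-password list instead of these few entries.
COMMON = {"123456", "qwerty", "abc123", "111111"}    # examples named in the article
WORDS = {"password", "dragon", "summer", "monkey"}    # constructed mini-dictionary
KEY_ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]
SEQUENCES = KEY_ROWS + ["abcdefghijklmnopqrstuvwxyz"]


def has_run(pw, min_len=4):
    """True if pw contains min_len+ chars walking a keyboard row or the
    alphabet in either direction, or the same character repeated."""
    low = pw.lower()
    if re.search(r"(.)\1{%d,}" % (min_len - 1), low):
        return True
    for seq in SEQUENCES:
        for s in (seq, seq[::-1]):
            for i in range(len(s) - min_len + 1):
                if s[i:i + min_len] in low:
                    return True
    return False


def check_password(pw, personal=()):
    """Return a list of weaknesses; an empty list means none were found."""
    low = pw.lower()
    issues = []
    if low in COMMON:
        issues.append("common password")
    if has_run(pw):
        issues.append("keyboard or sequence pattern")
    # Strip digits and symbols to expose a dictionary word underneath.
    letters = re.sub(r"[^a-z]", "", low)
    if any(w in letters for w in WORDS):
        issues.append("dictionary word")
    # personal: names, dates, pet names the user supplies at enrolment.
    if any(p and p.lower() in low for p in personal):
        issues.append("personal information")
    # Capital only at the start, digits/symbols only at the end.
    if re.fullmatch(r"[A-Z]?[a-z]+[^A-Za-z]+", pw):
        issues.append("predictable placement")
    return issues
```

A password such as `Summer2019!` satisfies a typical "upper, lower, digit, symbol" policy yet is flagged twice here, which is the point Cranor makes about capitals at the start and digits at the end.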

Enable two-factor authentication

Two-factor authentication is a process by which users are only granted access to their applications after providing two or more pieces of evidence proving who they are. Evidence can include knowledge (eg a PIN or password), possession (eg an ID card or security token) and inherence (eg a fingerprint, face or voice).

“Don’t rely on passwords alone,” says Neil Wynne, a Senior Research Analyst at Gartner who focuses on business security.

“Passwords should not be considered sufficient for anything other than the lowest-risk applications.”

Instead, Wynne suggests adding a layer of more robust authentication, like cryptographic credentials, or a biometric identifier.

“By adding [extra authentication], a company could have a less strict password policy, like less characters or requiring password changes less frequently,” says Jackson Shaw, Senior Director of Product Management for Dell Security.

Don’t reuse passwords

Even if an unauthorized party or hacker does gain access to one of your accounts, you can limit the fallout of a potential hack by using a unique password for each site you use.

“Even if you have an ‘unimportant’ password and an ‘important’ password tier, it’s very unsafe,” says Joe Siegrist, VP and GM of LastPass, a popular password manager. “It makes it way too easy for a hacker to attack one site and get your password to all the others.”  
