A graphic showing a strong password

Hello fellow wanderers! Trevor James here. As we hop around the globe, it's not just our physical baggage we need to secure, but our digital luggage too. That starts with knowing how to create a strong password. We're not just talking about tacking on an exclamation point to your pet's name.

We're talking military-grade, uncrackable access codes. Even the most seasoned hackers can't break them! A secure password is your first line of defense in a connected digital world. Let's now dive into the art of composing a strong password and keeping your personal data locked up tighter than Fort Knox.

Top tips for creating a strong password

Alright, ready to learn how to create a strong password? Let’s start with some top tips to fortify your online accounts. Buckle up and let's dive right in!

Create longer passwords

The first tip on our journey into securing your digital presence is all about password length. Now, you may be wondering how the length can affect its strength. Well, password length is effective against what they call ‘brute force' attacks. You can find out more about this attack in the FAQ below. In a brute force attack, hackers attempt to enter every possible character combination to crack your password. 

Here's the kicker: the longer a password is, the more combinations there are to guess. Here’s a simple way to imagine this. Let's say your password consists of only one character and that character was only a letter in the alphabet. How many combinations would a hacker need to guess that? Only 26 guesses right? Now, how many guesses would that hacker need if your password was 5 letters long? You get the point. 

More combinations mean more time for hackers to crack it. It often renders brute force attacks useless. So, when you're creating your next strong password, keep in mind: the longer, the better. 

Aim for 12 characters at least, but 16 or more is a fortress. Remember, every character you add to your password’s length is another roadblock in the path of cybercriminals.

Don't include personal info

It might be tempting to use your street address or the name of your cute little Shih Tzu as part of your password. Makes it easy to remember, right? But in terms of good cybersecurity, you’ll be making a big mistake.

A graphic showing what strong passwords shouldn't have

Using personal information found on your social media posts makes the job of a hacker easy. That hacker can simply comb through your posts and gather personal details. It will then have a fair shot at cracking your password.

So, when creating a strong password, make sure that it doesn’t contain details tied to your personal life. That's right. No street address. No pet's name. No favorite street food. These are all off-limits. Instead, go for random combinations of letters, numbers, and symbols.

The more unrelated to your personal life, the stronger your password will be. Your goal is to create one that's not just hard for humans to guess, but for computers as well. 

Use special characters

A password with a unique blend of characters is like having a secret handshake with your online accounts. It's a special sequence that only you know. Incorporating characters such as @, #, and & makes them harder to crack.

These unique passwords are more resistant to dictionary attacks. A dictionary-based attack is one of the method hackers use to crack simple passwords. How do they do it? You guessed right. This method actually uses words in a dictionary. We’ll talk more about that later. 

By spicing up your passwords with a mix of unrelated characters, you should be able to come up with something more secure. This uniqueness is key to outsmarting dictionary-based attacks, as it leaves no trail for hackers to follow. It's time to get creative!

Don't use memorable keyboard paths

A keyboard path is a pattern that's easy to spot on your keyboard. This could be a simple sequence like ‘qwerty' or ‘1234', or something a little more complex like ‘1qaz2wsx'. Sure, these paths are easy to remember. Unfortunately, they're also pretty easy for seasoned cybercriminals to guess.

 graphic depicting a password created using keyboard paths

Instead of falling back on these predictable patterns, use random characters to form your password. Try scattering your fingers across the keyboard and picking characters from all corners. You'll be able to create one that’s unique and unpredictable. The goal is to generate one that's as hard to guess as winning lottery numbers. Keep it random, keep it safe!

Combine mixed case letters, numbers, and special characters in crafting secure passwords

Alright, now let's take a deeper dive into the art of mixing cases and characters. A strong password is one that utilizes combinations. I’m referring to a combination of lowercase letters, capital letters, numbers, and special characters. When you mix things up, you add an extra layer of complexity. That makes your password harder to crack.

A mixture of uppercase and lowercase letters, numbers, and special characters— everything you need to create strong passwords

Using combinations makes you less vulnerable to the dictionary-based attack I mentioned earlier. A dictionary-based attack tool uses every word in the dictionary. It uses them to try and crack your password. If you only use simple codes consisting of a common word or phrase, that tool will easily crack it. Combinations will be harder to crack if you incorporate complex characters.

Start with a passphrase to create a secure password

Starting with a passphrase is a great strategy to create passwords. A passphrase is just a string of words. But, hold on a minute, don't just pick any string of words. Instead, make it something weird or ridiculous, something totally outlandish. Something only you would remember.

For example, ‘BlueMonkeyCooksBakKutTehFor5Hours@Midnight'. Bak Kut Teh is a complex Asian dish that requires a series of steps to prepare, making it a perfect fit for this purpose. This isn't a single word—it's a gastronomic adventure! And that makes it hard to guess and crack. This way, you can take advantage of multiple words to build robust and strong passwords. Notice that I've added a number and a special character to spice things up.

Use a password manager to create passwords for you

Let's admit it, following all those tips above isn’t exactly a walk in the park. You can use a password manager to simplify things. This tool is pretty handy when it comes to creating and managing the strongest passwords. It’s designed to generate, store, and manage your access codes for you. 

A screenshot of a password manager generating a strong password.

As a password generator, it’s very efficient. One click, and it will generate complex and strong passwords that are almost impossible to crack. I’m talking about a random combination of letters, numbers, and special characters. Yes, they tick all the boxes for a strong password!

Let me share with you one of my favorite features in this tool. It takes away the most difficult difficult task of maintaining many passwords. You don't have to remember every single access code for each of your accounts. It will automatically store passwords and then input them for you every time you log in. 

It can manage passwords for your social media accounts, your financial accounts, and so on. This makes it a lot easier to handle multiple accounts. You’ll never be tempted to use the same combination over and over.

Top 3 password security best practices

Knowing how to create strong passwords is just the first step for safeguarding our online identity. Here are the top 3 best practices to ensure you’re able to create ones that are not only robust but also immune to the most insidious of cyberattacks. Let's dive right in!

  1. Don't use the same password for all your accounts

Reusing the same password for all your accounts is a dangerous practice. Imagine if one account gets compromised in a hack. What will happen? Cybercriminals will get a free pass to all your other accounts, that’s what. They’ll get to your email account, your social media account, and even your online bank account.

A graphic depicting one password being reused across multiple accounts

Remember that each of your online accounts stores different types of personal information. A hacked account poses different kinds of risks. Let's say a hacker gains access to your social media account. It might seem like a minor inconvenience until you realize they also have your email. From there, they can reset passwords and gain control of your other accounts. The problem can escalate rapidly.

So, how what can we do to prevent this? Simple. Don't reuse passwords. Each of your online accounts should have its own unique password. Also, each access code should be hard to crack. This ensures that even if one of your private accounts do get compromised, the others remain safe.

Of course, remembering a unique and strong password for each account is hard. In most cases, it's even impossible. That's where password managers come in handy. These software applications will do the remembering for you. 

A screenshot of a password manager storing login credentials of various accounts

All you need is one access code – a master password – to unlock this handy tool. And voila! You have access to all your passwords. By embracing this practice, you're taking a proactive step in protecting your online identity from data breaches. 

  1. Keep your passwords private

Keeping your passwords private is essential in maintaining online security. You might have a good password. But if it's not your personal secret, its strength is rendered useless. Always refrain from sharing your login credentials, even with people you trust. It's not about distrust. It's just a crucial step in safeguarding your digital privacy.

Storing your personal passwords on a piece of paper or a document on your computer is a bad idea too. They can be easily discovered. It’s better to keep them in password managers. These tools not only store passwords but also encrypt them. That’s going to add an extra layer of security.

  1. Change your passwords regularly

Changing your passwords regularly is also important. It's like changing the locks on your doors. Some people might think that once they've created one password, they're good to go. They're not. What if your password gets exposed in a data breach? Changing your old password can preempt any hacking attempt that uses that password. 

When you change your passwords, it's important to ensure that you're not using one that you’ve previously used before. Each one should be completely unique. Also, don't make minor changes to your old ones. Cybercriminals can spot patterns, so if your new password is very similar to an old one, it makes their job easier.

The frequency of when you should change your passwords can vary. A general rule of thumb is to update them every three to six months. However, you should change it immediately if you suspect that an account has been compromised.

Again, remembering all these new passwords can be a daunting task. This is where password managers can assist. They can generate new security codes for you and remind you to update them at regular intervals. It’s like having a private security assistant.

I'm obviously a big fan of password managers. And why not? They make creating and managing passwords so much easier. If you're curious which ones are the best, here are my personal choices.

My Top 4 Password Managers
  1. Dashlane: Dashlane is a top-rated password manager. It offers a seamless way to manage your passwords. Dashlane features a one-click password changer. It also includes an automatic form-filler and a robust digital wallet. Its password generator helps you come up with good password ideas. This makes sure your access codes are strong and secure for your accounts.
  2. Bitwarden: Bitwarden is a secure open-source password manager that stores your passwords. The password generator tool is one of its best features. It offers a range of customizations. This helps you create complex passwords. 
  3. 1Password: 1Password is known for its easy to use interface and robust security features. It helps you store and manage your passwords in a secure manner. The passwords generator tool provides users with excellent ideas for your passcodes. It also ensures you never reuse them. 
  4. LastPass: LastPass is a secure and convenient tool for managing all your passwords. The password generator tool creates passwords that are hard to crack. It has features like auto-fill, secure sharing, and emergency access. These features make it easy to do online activities in a secure way.

Try these 6 unique password ideas to create strong passwords

Even with the help of a password manager, creating strong passwords can sometimes still feel daunting. But it doesn't have to be. Here are four unique strong password ideas that can help secure your online presence:

  1. Mix random words:

One method is to combine random, unrelated words. This creates a password that's not only strong but also easier to remember. For example, “BlueElephantCafeLamp”. This make it hard for hackers to crack but easy for you to recall. Remember, the more random the words, the stronger it will be.

  1. Use song lyrics & book quotes: 

You can use your favorite song lyrics or inspiring book quotes to form a strong password. It's a creative way of generating a secure code that you can easily remember but hard for hackers to guess. For instance, a line from a song can be modified with the addition of numbers.

  1. Use a story: 

Create a strong password by first crafting a short, random story. After that, you can use the first letter of each word. For example, “An elephant ate 30 bananas at noon!” becomes “Aea30ban!”. This method leverages random words and provides strong passwords that are memorable but hard to crack.

  1. Use Acronyms of Personal Experiences: 

Here's another way to generate random passwords. Use acronyms from distinct personal experiences. Keep in mind to not use experiences that are easy to guess. For instance, “My first car was a 2005 Honda Civic” could become “Mfcwa2005HC”.

  1. Mix Languages: 

Use words from different languages. For example, mix English, French, and Spanish words. Form something like “SunlightLuzSoleil”. That's a strong password.

  1. Use Favorite Activities: 

Use your hobbies or favorite activities to create a strong password. Let's say you love painting. You can use “Paint@SunsetWithAcrylics” as your password. 

FAQs about creating a strong password

There's nothing special about creating an online banking password. The same rules apply. Use a mix of uppercase and lowercase letters, numbers, and symbols. Avoid personal information or common words. And so on. You can follow these rules easily by using a password manager. This handy tool can generate and manage good passwords on your behalf. 

Strong passwords are more resistant to brute force attacks. The same applies to dictionary attacks. So what are the primary attributes of strong passwords? Check them out:

  1. Longer length: The longer the password, the stronger it is. It should ideally be at least 12 characters long.
  2. Complexity: Increase complexity to increase password strength. Use a mix of numbers, symbols, upper and lower case letters.
  3. Unpredictability: Good passwords are hard to guess. Avoid using common phrases and personal information. Avoid sequential numbers too. 
  4. Uniqueness: Every account should have a unique password. Reusing the same one across multiple accounts can put all accounts at risk. One hacked account can jeopardize all other accounts.

Well, think about it. Passwords work like keys. They lock your online accounts, just like keys lock your house. The better the lock, the safer your stuff inside is. That's how passwords help, they keep your online stuff safe from hackers. But if someone steals your keys, they can access everything, right? Same with passwords

A graphic depicting password security

That’s why you need to secure your passwords. Don't share them with anyone. Attackers have started using phone calls to trick individuals into revealing their passwords. Never share your login credentials, even over a trusted phone call.

Managing login credentials for various online accounts can be challenging. It's hard to remember passwords. More so when they are long and complex. This is where a password manager comes into play. These tools simplify various tasks. This includes creating, storing, and recalling your passwords for every online account.

With these tools, you only need to remember one strong master password. This master password gives you access to a secure database. That database contains all your passwords. 

What are the risks of reusing passwords for multiple accounts?

Reusing the same password for multiple accounts is a big no no. Think about it. Let’s say you have one key that opens your house, car, and office. Now imagine someone stealing that key. They can get into everything. The same goes with passwords. If you use the same password for all accounts and a hacker gets hold of it, they’ll have access to every account you have. This is called “credential stuffing”. It's a tactic that hackers use.

So, what's the solution? Easy. Each account needs a unique, long password. This way, if someone cracks the password to one account, your other accounts are still safe. Just like if someone steals your house key, they can't get into your car or office. That’s why it's important to use a different password for every account you have. 

Weak passwords can put your online stuff at serious risk. So, what makes a password weak? Let's talk about it.

  • First, short passwords are weak passwords. The longer a password is, the stronger it becomes. So, longer passwords are much safer.
  • Next, passwords that just use lowercase letters are also weak. A strong password should have a mix of numbers, symbols, and both small and big letters.
  • Finally, using things like your name, birthdate, or “123456” is a big no-no. Memorable passwords are very easy for hackers to guess.

A brute force attack is like a thief trying every key on a keyring until they find the one that opens the door. In this case, the cyber criminals are trying all possible password combinations until they find the right one. A longer password makes this much harder. Think of it like a key with more parts – it's tougher to copy. 

A graphic depicting a hacker performing a brute force attack.

A complex password, with numbers, symbols, and both big and small letters, is even better. It's like a key with an unpredictable pattern. And, to add another layer of safety, use two factor authentication (2FA). It's like needing a key and a passcode. So, even if the cyber criminals guess your password, they can't get in without knowing the passcode. We’ll talk about 2FA later.

This attack is another way cyber criminals try to break into your account. Brute force attacks try every possible combo. But in a dictionary attack, they use common words and phrases. Think of it like trying all the words in a dictionary as your password. 

If your password is a common word, it will easily break with this type of attack. As always, just follow the tips in this article to thwart this attack. Use random letters and mix in numbers, symbols, and both big and small letters. It will work all day, everyday. 

Two-factor authentication (2FA) is like having two locks on your door. After you enter a good password, it asks for a second key. This second key could be a text message on your phone, a fingerprint, or a physical token.

Why is this vital? Let's imagine a hacker manages to figure out your password. With 2FA, they still can't get into your account. Try to think of a physical entryway. They might've picked the first lock on your door, but can't pick the second because they don't have the key.

With all the data breaches these days, secure passwords and 2FA are very important for our online accounts. It’s akin to having a strong lock and a passcode on your door. It makes it much harder for hackers to get in. 

How useful was this post?

Click on a star to rate it!

Average rating 4.9 / 5. Vote count: 1255

No votes so far! Be the first to rate this post.

As you found this post useful...

Share this on your social media!

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?


Full Time Digital Nomad

About The Author

Hi! I’m Trevor James, a Canadian YouTuber who travels the world full-time. I make videos about food, travel, and cybersecurity. I have been traveling the world and making videos for over 10 years. You can read more about me here.


Save 49%

Get Deal

How useful was this post?

Click on a star to rate it!

Average rating 4.9 / 5. Vote count: 1255

No votes so far! Be the first to rate this post.

As you found this post useful...

Share this on your social media!

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?