How to create a strong password?
Before we start
Having spent some years coding applications for macOS, we’ve created a tool that everybody can use. The all-round problem fixer for Mac.
So here’s a tip for you: Download CleanMyMac to quickly solve some of the issues mentioned in this article. But to help you do it all by yourself, we’ve gathered our best ideas and solutions below.
Online and in the media, we are always told that the best way to reduce the risk of falling victim of a cyber attack or hacking is using a strong password. But how many of us actually do?
We are also told that writing down a password - in an unencrypted text file or document, for example - is something we should avoid. It would be too easy, using malware or ransomware for cyber criminals to steal a password or set of them and therefore gain access to our online accounts, even bank accounts.
With a steady rise in cyber crime and malicious hacking, there has never been a more appropriate time to know how to create a strong password. Using a secure encrypted password manager is another great way to protect your online accounts. And for that, you also need a strong master password that you can remember and keep secure.
In this article, we cover the best ways to create strong password, and remember it.
How to create a strong password?
With so many of us having dozens of online accounts, there is no way anyone can remember every password they're going to need. Not without writing them down. If you write them down on paper, you don't need to worry about a cyber criminal getting hold of them.
However, that is the easiest way to lose access to your accounts, either by accident, or if your home or office gets burgled. Criminals want computers and devices they can sell. But with online account access, that would make your Mac even more valuable. Cyber criminals are smarter: they want access to your online information, to steal your data, commit identity and credit theft and ultimately, make money from everything that is valuable.
Unless you use a password manager, using the same password for one or more online accounts makes you vulnerable. Especially if the same password for social networks or email accounts would give someone access to your most valuable accounts. Often, those accounts are connected to other online platforms. So access to an email or a social profile is potentially a gateway to stealing data - and even money - from bank accounts, PayPal, and other places you store data on the Internet. Even if you've got an easy-to-remember - and probably not very secure - password to something unimportant, an online account you rarely visit - this is another gateway to identity and credit theft.
Passwords we create are up against Human and algorithmic, software attempts to break them, on a regular basis. Online platforms, websites and apps are constantly under attack. It only takes a cyber gang getting lucky once to expose the data of millions of users. If you've got the same password for one profile - and that data gets exposed - you risk other popular profiles getting cracked and therefore cyber criminals gaining access to your accounts.
Even now, far too many people use passwords that are ridiculously simple and easy to crack. Such as Password or 1234 or 0000, or some variation on passwords that should have long-since fallen out of disuse. If you want to avoid these mistakes, there are others that people make far too often when attempting to create a password that will make you equally vulnerable:
- In 2017, the US government revamped its suggested guidelines for how to create a strong password. One of them is using a string of random words. However, if you use a string of random words such as “monkey dragon baseball princess,” a computer or Human “dictionary” attack makes your Mac vulnerable.
- The same applies for acronyms or Bible and movie verses and quotes. Too many people use the same memorable words, phrases and quotes, making them vulnerable and easy to attack.
- Picking something too memorable means it would be too easy for a computer/software to guess and crack it.
- Failing to use random numbers, characters and capitalisation is one of the most common and worse mistakes you can make when trying to create a strong password.
- Picking something too difficult could mean you forget it, forcing you to automatically select an easier password, therefore making it easier for malicious software or a hacker to crack it.
- Creating a software that would be too easy for someone who follows you on Twitter, Facebook or another social platform could guess - such as your dogs name, favourite band, movie, game, book - and therefore crack.
Assuming you want to avoid becoming a cyber attack victim, here is some tried-and-tested advice for coming up with a strong password. Whether or not you use a password manager, such as 1Password or Dashlane - which is recommended - this will keep you secure. If you do use a password manager, use this approach to create a strong password for that, and then use the manager tool to create random and strong passwords for your online accounts.
This way, you've protected your Mac and other devices with several layers of strong passwords. Using anti-virus and other software, such as CleanMyMac X, to protect against malware and ransomware, and to keep your online history and messages private and secure is another way to reduce the risk of falling victim to cyber criminals.
Four ways to create strong passwords
#1: Has a minimum of 12 characters. Between 12 and 14 characters is ideal, although if you can create a longer one that would be even better and more effective. Long passwords are more secure.
#2: Includes a secure mix of numbers, letters, symbols, capital and lower-case letters. Creating a strong mix is the only way to beat human and computer-driven attempts to crack passwords. With the strongest passwords, it would take centuries to crack them, even with an application dedicated to breaking them.
#3: Avoid common dictionary, movie or Bible words or phrases. Although it might seem secure, it’s too easy for machines to crack these passwords because people assume they're being smart. Really, this method results in a weak password or something that is too difficult to remember and therefore, in time, forces someone to create a weak password. At the same time, avoid words and phrases you often use online. Twitter and Facebook can be data mined as sources for passwords.
#4: Don’t depend on obvious letter > word substitutions. For example, changing “House” to “H0use” or even “H0us3” is too obvious, and when a software program is processing thousands of potential passwords every minute, a substitution such as those is still too easy to break.
Another thing to avoid is an obvious way of organising words, letters, numbers and symbols. Such as “Dashlane123$”. With this example, there is a clear logical order to it, making it easy to break: A capital letter at the start, the rest in lower-case, followed by numbers and a symbol. All too easy for Human or machine learning system to break, unfortunately.
Before changing your passwords or downloading password management software, write down a few ideas and experiment with words and phrases you’re going to remember but aren't easy to break.
At the same time, it’s worth paying attention to keeping yourself safe online. With a tool such as CleanMyMac X, you can safeguard browsing history, clear cookies and caches, and scan for malware and other threats and viruses. CleanMyMac X is a powerful, easy-to-use and versatile Mac performance improvement tool. Make your Mac run as good as new. Once you’re happy with your digital footprint, put your new, more secure password into action. Remember our top tips in this article and don't make any password that is too easy to crack.
