STEPS TO CREATE A SECURE PASSWORD

First, some Hints and Tips:

  • Keep your passwords private – never share a password with anyone else.
  • Do not write down your passwords.
  • Use passwords of at least eight (8) characters or more (longer is better).
  • Use a combination of uppercase letters, lower case letters, numbers, and special characters (for example: !, @, &, %, +) in all passwords.
  • Avoid using Dictionary words and people’s or pet’s names; it’s also best to avoid using key dates (birthdays, anniversaries, etc.).
  • Substituting look-alike characters for letters or numbers in Dictionary words or phrases is no longer sufficient (for example, “Password” and “P@ssw0rd”).  These substitutions can be easily hacked by hacking applications.
  • A strong password should look like a series of random characters.

On the web, if you think your password may have been compromised, change it at once and then check your other website accounts for misuse. At work, change your password at once, and then call your company’s IT Security help desk.

How to create a strong, complex password

Here’s a way to make a strong password that’s very hard to crack. Follow these steps:

 

  1. Think of a phrase or sentence with at least eight words. It should be something easy for you to remember but hard for someone who knows you to guess. It could be a line from a favorite poem, story, movie, song lyric, or quotation you like. Example: "I Want To Put A Dent In The Universe"
  2. Remove all but the first letter of each word in your phrase:  IWTPADITU
  3. Replace several of the upper-case letters with lowercase ones, at random: iWtpADitU
  4. Now substitute a number for at least one of the letters. (Here, we’ve changed the capital “I” to the numeral 1: iWtpAD1tU
  5. Finally, use special characters ( $, &, +, !, @) to replace a letter or two -- preferably a letter that is repeated in the phrase. You can also add an extra character to the mix. (Here, we’ve replaced the “t” with “+”, and added an exclamation point at the end.) : iW+pAD1tU!

Do Not Reuse Passwords

Password reuse is a serious problem because of the many password leaks that occur each year, even on large websites. When your password leaks, malicious individuals have an email address, username, and password combination they can try on other websites. If you use the same login information everywhere, a leak at one website could give people access to all your accounts. If someone gains access to your email account in this way, they could use password-reset links to access other websites, like your online banking or PayPal account.


Use a Password Manager

A password manager will generate, retrieve, and keep track of your secure random passwords across countless accounts for you, while also protecting all your vital online info—not only passwords but PINs, credit-card numbers and their three-digit CVV codes, answers to security questions, and more.  Examples of Password Mangers include Lastpass, Dashlane, KeyPass, and 1Password.  Most of these managers can also help generate random passwords for you.