How to create a strong password
A strong password should be:
Memorable enough that you can recall it without writing it down.
Long and exclusive enough that no one else can guess it.
A good way to create strong, memorable passwords is by using three random words. Start each word with a capital letter. For example “RedPantsTree”. Do not use words that can be guessed; for example, your pet’s name or a well-known phrase like ILoveYou, AberdeenFootballClub, or GreatWhiteShark.
You can include numbers and symbols to make your passwords even stronger; for example, RedPantsTree4!
Never use the following personal details for your password:
Your name.
Your partner’s name.
Your child’s name.
Other family members’ names.
Your pet’s name.
Your place of birth.
Your favourite holiday resort.
Your favourite sports team.
Each year, the internet security firm SplashData releases a list of the worst passwords revealed through data leaks. In 2019, the five worst passwords were:
123456
123456789
qwerty
password
12343567
Clearly, not much thought went into creating these passwords! If any of your passwords are like these, you should change them.
Remembering your passwords
When you use different passwords for your important accounts, it can be hard to remember them all, but it is a good idea not to use the same password. If one password is compromised, your other data is also at risk. This is especially important for our emails, so we should always make sure we use a strong, separate password for our emails.
Saving your passwords in your browser will help you manage them. This means letting your web browser (such as Chrome, Safari or Edge) remember your password for you. This is safer than using weak passwords or using the same password in more than one place.
This can help:
- make sure you do not lose or forget your passwords.
- protect you against some cyber-crime, such as fake websites.
Make sure you protect your saved passwords in case your device is lost or stolen.
How to protect your saved passwords
Someone who gains access to your device may be able to use your saved passwords to access your accounts.
This kind of cyber-crime is much less common than remote attacks over the internet, where passwords are cracked using software.
To make sure you are protected, you should:
- turn off or lock your device when you are not using it.
- use a strong password to protect your device.
- turn on two-factor authentication for all your devices and accounts.
- turn on biometrics (Face ID or Fingerprint recognition), if your device supports this.
You should also back up your data regularly. This will help you recover important documents and information if your device is lost or stolen.
Hack check
Avast, an internet security firm, provides a ‘hack check’ [Tip: hold Ctrl and click a link to open it in a new tab. (Hide tip)] on their website. This can help identify if your passwords have been leaked and need to be changed.
The National Cyber Security Centre provides some important tips to assist your
The NCSC website recommends that you create a strong and memorable password by using three random words, such as ‘GreenStreetGiraffes’. You could also think of three points on a regular journey you take to help it stay memorable, like 'SchoolFountainStation'.
Activity 3.3 Creating a strong password
Use the grid below to create some strong passwords.
| Choose three random words | Add a number and a symbol | Strong password |
|---|---|---|
When you’ve finished, check how secure your passwords are with OpenLearn’s ‘Password strength checker’. What could you do to make it more secure?
Discussion
If your password is weak, check out the tips from the National Cyber Security Centre to make it more secure.
3.3 What you need to know about passwords