How do I choose a good password?

Answer: Since so many websites and computer systems require you to create login information, it is important to know how to create a good password. Choosing a good, secure password will help prevent unauthorized access to your private information, which may save you from some serious headaches down the road.

While only you can choose the best password for your purposes, I have created the following 9 Password Guidelines that you may find helpful.

1. Avoid default passwords.
   Please avoid the all-too-common mistake of using generic passwords, such as "password," "1234," or even your name or your phone number. Some systems automatically set up your user account with a basic password like these. Make sure you change it.
2. Choose a password that is difficult to guess.
   The purpose of a password is to prevent others from accessing your private information. Therefore, don't use a birthday, pet name, sports team, or other word or phrase that someone might be able to guess.
3. Choose a password that is easy to remember.
   While your password should be hard for others to guess, make sure you can remember it. Having to request a forgotten password means it will usually be sent to you via e-mail, which is an unsecured medium.
4. Use both letters and numbers.
   This makes it much less likely for others to guess your password. It will also make it much more difficult for any type of password-hacking program to find out what your password is (though this is very uncommon).
5. Don't use real words.
   Avoid dictionary words and instead use partial words or unusual names combined with numbers. This will make it nearly impossible for any type of automated program to decipher your password (though, again, this is very uncommon).
6. Use symbols and varied capitalization.
   Many login systems are case sensitive and support symbols, such as *,/,+,%, etc. as part of passwords. Using both uppercase and lowercase letters as well as symbols can significantly increase the security of your password. Just make sure that you can remember it!
7. Make your password reasonably long.
   The longer your password is, the harder it will be to guess. Many login systems require passwords to be at least six characters in length. This is because passwords become exponentially more secure as more characters are added. I make sure all my passwords are at least eight characters long.
8. Use different passwords for different logins.
   Make sure you don't use the same password for every login you create. Instead, use slight variations of a primary password so that you won't forget them. You can use a basic password for sites that don't store much personal information, such as online forums. For online banking and e-commerce sites, make sure your passwords are extra secure.
9. Choose a secure username.
   Most login systems require both a username and a password. If you choose a username that others won't be able to identify with you, it's like having two secure passwords.

I hope these guidelines are helpful when choosing a password. Remember, the purpose of a password is to protect your information, so make sure it does!

Published: December 6, 2008 — by Per Christensson