How To Create Strong, Complex Passwords to Protect Your Organization

Create Strong Passwords

First, some best practices:

Enable phishing-resistant multifactor authentication (MFA) whenever possible
If you can, use a password manager and protect it with MFA and/or a long password/passphrase
Use a password generator to create truly random passwords with a minimum of 12 characters
If you must create a password, use a passphrase with a minimum of 20 characters
Never share passwords between accounts
Keep your passwords private – never share a password with anyone else
Do not write down your passwords

How to create a strong, complex password

If you must create a password, here's a way to make a strong password that’s very hard to crack. Use one of these two methods:

Create passwords with at least 12 characters that are truly random, ideally using a password generator. Example: R#Yv&ZCAojrX
Think of a random phrase with at least 20 characters that is easy to remember. Example: 2belivingtherockandrolllifeforever

Check the strength of your password

There are a number of online tools you can use to check the strength of your password. While none of them will guarantee an unbreakable password, they are a good double-check. Here is an example from Dashlane. If your password is not strong enough, add some more characters at the end. The example above scores medium, but if you add some numbers at the end, it goes up to strong.

Why this is important - see how easy it is to crack weak passwords

In the video below, Kevin Mitnick shows you the importance of strong passwords, what his recommendations are, and how easy it really is for cybercriminals to crack passwords:

Password management software products

There are good password manager software products on the market today. Some are free; none are very expensive. Using one of these products, you can create truly random, very long, and unique passwords for each site, and because the software will remember them for you, you never have to worry about what your password is. Your password manager will store and encrypt the passwords for you, and log you in automatically. You will have vastly improved security, with only one master password to remember. Use our advice above to create a very strong master password!

Secure the Digital Workforce: Human + AI

KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.