5 Easy Steps To Create Strong Passwords


First, some Hints and Tips:

  • Keep your passwords private – never share a password with anyone else.
  • Do not write down your passwords. 
  • Use passwords of at least eight (8) characters (longer is better).
  • Use a combination of uppercase letters, lower case letters, numbers, and special characters (for example: !, @, &, %, +) in all passwords.
  • Avoid using people’s or pet’s names, or words found in the dictionary; it’s also best to avoid using key dates (birthdays, anniversaries, etc.).
  • Substituting look-alike characters for letters or numbers is no longer sufficient (for example, changing “Password” to “P@ssw0rd”).
  • A strong password should look like a series of random characters.
  • On the web, if you think your password may have been compromised, change it at once and then check your other website accounts for misuse. At work, change your password at once, and then call your company’s IT Security help desk. 

How to create a strong, complex password

Here’s a way to make a strong password that’s very hard to crack. Follow these steps:


  1. Think of a phrase or sentence with at least eight words. It should be something easy for you to remember but hard for someone who knows you to guess. It could be a line from a favorite poem, story, movie, song lyric, or quotation you like. Example: "I Want To Put A Dent In The Universe"
  2. Remove all but the first letter of each word in your phrase: IWTPADITU
  3. Replace several of the upper-case letters with lowercase ones, at random: iWtpADitU
  4. Now substitute a number for at least one of the letters. (Here, we’ve changed the capital “I” to the numeral 1.): iWtpAD1tU
  5. Finally, use special characters ($, &, +, !, @) to replace a letter or two -- preferably a letter that is repeated in the phrase. You can also add an extra character to the mix. (Here, we’ve replaced the “t” with “+”, and added an exclamation point at the end.): iW+pAD1tU!

Check the strength of your password

There are a number of online tools you can use to check the strength of your password. While none of them will guarantee an unbreakable password, they are a good double-check. Dashlane offers one such tool. If your password is not strong enough, add some more characters at the end. The example above scores medium, but if you add some numbers at the end, it goes up to strong.
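The hints at the top of this page can also be checked locally. The following is an added example, not part of the original article or any vendor's tool: it tests length, the four character classes, and whether a dictionary word is hiding behind look-alike characters. The word list and look-alike table are small constructed samples, and all function names are hypothetical.

```python
import string

# Constructed sample word list; a real check would load a full dictionary
# or a list of known-breached passwords.
COMMON_WORDS = {"password", "welcome", "letmein", "dragon", "monkey"}

# Look-alike characters mapped back to the letters they usually replace.
BASE = {"@": "a", "4": "a", "0": "o", "3": "e", "$": "s", "5": "s",
        "7": "t", "+": "t"}
# "1" and "!" can stand for either "i" or "l", so both readings are tried.
VARIANTS = [str.maketrans({**BASE, "1": "i", "!": "i"}),
            str.maketrans({**BASE, "1": "l", "!": "l"})]

CLASSES = {
    "uppercase letter": string.ascii_uppercase,
    "lowercase letter": string.ascii_lowercase,
    "number": string.digits,
    "special character": string.punctuation,
}


def normalize(password):
    """Undo case and look-alike substitutions: 'P@ssw0rd' -> {'password'}."""
    return {password.lower().translate(table) for table in VARIANTS}


def check_password(password):
    """Return the hints the password fails; an empty list means it passes."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in password):
            problems.append(f"no {name}")
    # Substring match, so a word with digits appended is still caught.
    if any(word in folded for folded in normalize(password)
           for word in COMMON_WORDS):
        problems.append("dictionary word behind look-alike characters")
    return problems


if __name__ == "__main__":
    # Passwords taken from the examples on this page.
    for candidate in ("Password", "P@ssw0rd", "iW+pAD1tU!"):
        print(candidate, "->", check_password(candidate) or "passes")
```

“P@ssw0rd” satisfies the length and character-class hints yet is still flagged, which is why look-alike substitution on its own is not enough.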

Why this is important - how easy it is to crack weak passwords

In the video below, Kevin Mitnick shows you the importance of strong passwords, what his recommendations are, and how easy it really is for cybercriminals to crack passwords:

Password management software products

There are good password manager software products on the market today. Some are free; none are very expensive. Using one of these products, you can create truly random, very long, and unique passwords for each site, and because the software will remember them for you, you never have to worry about what your password is. Your password manager will store and encrypt the passwords for you, and log you in automatically. You will have vastly improved security, with only one master password to remember. Use the above 5 steps to create a very strong master password!

Browser Password Inspector

Concerned with your network being hacked or becoming a victim of a data breach? KnowBe4’s Browser Password Inspector (BPI) is a new and complimentary IT security tool that allows you to scan and analyze your organization’s potential risk of credential theft and account takeovers associated with users saving passwords in Chrome, Firefox, and Edge web browsers.

Here's how it works:

  • Inspects available Windows user accounts on your network for browser-saved passwords
  • Checks against weak passwords and password reuse currently active among users in your Active Directory
  • Reports on the accounts affected and does not show/report on actual passwords
  • Simply download the installer and run it
  • Results in a few minutes!
