A Plethora of Passwords

How to create strong passwords, and why you should care.

Image by goodmami (https://www.flickr.com/photos/goodmami/3964365783), CC BY-SA 2.0

There are a number of irritating things experts insist you must do for your own good: eat nine servings of veggies a day; maintain a diverse retirement portfolio; check your transmission fluid every month. Most of us ignore a lot of this advice, because there’s no end to it, and our lives are complicated enough.

Photo by Kit


As a habitual good advice ignorer myself, I realize that when I tell you I’m here today to talk about passwords, you’ll want to tune me out. But wait! Good password hygiene is more important than flipping your mattress.

Think of your passwords as keys to your online house. You wouldn’t have the same key unlock your house, your office, your car, and your safety deposit box, would you? So why would you use the same password for your blog, PayPal, your bank’s website, your email, and any number of other sites and online services?

Yet many people do. And just as you wouldn’t lock up your house with a sailor’s knot, why would you lock up your blog with your easily guessed pet’s name?

Password Dos and Don’ts:

  • DO use strong, long passwords.
  • DO use a different password for each account.
  • DO invest in a password manager.
  • DON’T write your passwords down, email them, or share them with anyone.
  • DON’T forget to log out on shared computers.
  • DO enable two-step authentication where available.

It’s extremely important to protect yourself online. Were a hacker to crack your WordPress.com password, they could permanently delete everything on your blog before you even knew they were in it, and as devastating as that would be, it’s nothing compared to the pain of identity fraud.

Not to alarm you — at WordPress.com, we monitor potentially harmful activity to ensure there is no unauthorized access to your content, and we take security very seriously. Even so, it’s important that you protect yourself as well. Here’s how:

Create strong passwords

When I say strong, I don’t just mean difficult for a person to guess. (I’d hope that all of you know better than to use one of these 25 most-used passwords.) Hackers use computer programs to break passwords, so even if your selected password is bizarre or random, that doesn’t mean it’s strong enough.

Many login forms prompt you to create a password of random letters, numbers, and symbols. But such a password (for example, jal43#Koo%a) is actually very easy for a computer to break. The latest and most effective types of password attacks can attempt up to 350 billion guesses per second, and hackers are continually improving their efforts.

Instead, try using four or more random words in a long string, or passphrase, as described in this comic from xkcd.com:


Courtesy of xkcd.com
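
An added example, not from the original post: a passphrase generator that picks words with a cryptographically secure random source and estimates how long an exhaustive search would take at the 350 billion guesses per second quoted above. The 16-word sample list and the 2,048- and 7,776-word list sizes are assumptions made for the illustration.

```python
import math
import secrets

GUESSES_PER_SECOND = 350e9  # attack rate quoted in the article

# Constructed 16-word sample list so the block runs offline (assumption).
# It is far too small for real use: pick from a list of thousands of words.
SAMPLE_WORDS = [
    "anchor", "biscuit", "canyon", "dragonfly", "ember", "fjord",
    "gravel", "harbor", "iceberg", "jigsaw", "kettle", "lantern",
    "meadow", "nectar", "orchid", "pebble",
]


def make_passphrase(words, count=4, sep=" "):
    """Join `count` words chosen uniformly at random with a CSPRNG."""
    if len(set(words)) != len(words):
        raise ValueError("word list contains duplicates")
    return sep.join(secrets.choice(words) for _ in range(count))


def entropy_bits(list_size, count):
    """Entropy of `count` independent uniform picks from `list_size` words."""
    return count * math.log2(list_size)


def seconds_to_exhaust(bits, rate=GUESSES_PER_SECOND):
    """Worst-case time to try every candidate at `rate` guesses per second."""
    return 2 ** bits / rate


def words_needed(list_size, target_bits):
    """Smallest word count whose entropy reaches `target_bits`."""
    return math.ceil(target_bits / math.log2(list_size))


if __name__ == "__main__":
    print("sample passphrase:", make_passphrase(SAMPLE_WORDS))
    for size in (len(SAMPLE_WORDS), 2048, 7776):  # list sizes are assumptions
        for count in (4, 5, 6):
            bits = entropy_bits(size, count)
            years = seconds_to_exhaust(bits) / (365 * 24 * 3600)
            print(f"{size:>5} words x {count}: {bits:5.1f} bits, "
                  f"{years:.3g} years to exhaust")
```

Run as a script, it prints how the search time grows with list size and word count. The estimate holds only when every word is drawn at random; words a person picks by hand are far more predictable.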

Use unique passwords and a password manager

Now that you have your strong passphrase, don’t turn around and use the same one for all of your sites. You should use a unique password for every single site that you log into online.

Naturally, it’s difficult, if not impossible, to remember all of those different passwords, though. And you should never store your passwords in a text document on your hard drive, or write them down on a piece of paper, as these methods are kind of like putting all of your money into a shoebox and locking it in the trunk of your car.

Instead, use a password manager, such as LastPass, 1Password, or one of the additional password managers we suggest here. With a password manager, you need only remember one single strong master password. That password will unlock the password manager, which will integrate with your browser to unlock all of your online services without your having to remember any of them.

Not all are free, and it might be an afternoon’s time investment to put all your passwords into the password manager (not to mention change your existing weak passwords to stronger ones), but it’s time and money very well spent.

Other tips

Additionally, if you ever use a shared computer, be sure to explicitly log out of all of your accounts before leaving it. Browsers sometimes remain logged into websites for convenience, and you don’t want your account to be accessible to the next person who comes along.

Warning! Never, ever email your password to anyone, even support staff of the online service you’re attempting to use. If anyone ever asks you to provide them with a password over email, you should be very suspicious and should probably refuse.

And finally, many services (including WordPress.com) are now providing two-step authentication, which sends a code to your mobile phone when you log in. This is very secure, because a remote hacker will not have access to your mobile device and so even if your password is cracked, two-step ensures that your account stays safe.

I hope that I’ve convinced you to start taking steps to improve your online security. It’s a hassle, sure, but as with most annoying good advice, it becomes easier to follow the more you make a habit of it. Now, go eat some broccoli!

Comments

  1. I wrote a post about Passwords a couple months ago, and showed my clients an easy way to create the more difficult to crack passwords that are easier to remember. Since this post – most of them have updated their passwords 🙂

    Blog Post: I Hate those [$3*2)#$%abgobbledegook] style passwords! How can I make a password Hard to Crack yet Easy to Remember?
    http://buildyourownwebsitetoday.com/creating-strong-passwords/


  2. One of my friends changes his password for banking every time he does some online shopping. When asked, he says it makes sense to change the password for security purposes.
    I think it is a good way to secure banking. Any suggestions for it?


  3. Useful advice about long passwords. Not so convinced about password managers as opposed to paper – last time I checked it was not possible to hack a piece of paper! The chance of a burglar breaking into my home and finding it is remote, why would they bother, and they can be well hidden.


  4. Passwords are the bane of my life! I have three email accounts, which I use for different things. One is dedicated to writing, one for friends/family and another for shopping. That means three passwords. Then there are several bank accounts — more passwords. Not to mention Facebook, WordPress, Supermarket etc, etc. I do quite a bit of online shopping, and I prefer it if the site uses PayPal as one of the options of paying. Recently I was speaking with my bank, and they suggested they open a separate account for me dedicated to online shopping. When I want to shop online, I transfer money from my main account to that account and just leave a balance of $5. If anyone were to try and hack my bank account, all they are going to get is $5. Unfortunately, because there are some evil people around, passwords themselves are a necessary evil.


    1. Yes! What you said… and worse is when you type in your password correctly and the site says it doesn’t recognize it. Which has happened to me on my WordPress mobile account many times. I got rid of two step authentication, because most of the time I couldn’t even get in.
      That mini-rant completed, I do appreciate this post and the tips. I’m off to think up some good 4 word phrases…


  5. Excellent advice, too often with computers we choose the complex path when a more simple and effective solution is right in front of us.


  6. I’ve been using LastPass for a few years now and it’s great for keeping up with all of the logins and passwords you have to create. Highly recommended!


  7. Hi!!-Yes I loved it!-The very issue of passwords has always been worth my attention because you can always win, one of my old long passwords was 7TofuRed- Like SOUP514 these were all meant to be environmental sounding passwords to the ears but they cost me a lot to make up in the long run. I finally accepted my mistakes and realize your expert advice cleared things up in 4 minutes, so thank you. I had a good time with the help you gave me, Elizabeth!-Take Care!


  8. Very useful stuff and great tips. You made things simple to understand by giving perfect example of online house and key. I will take care. Thanks!


  9. This article, although it was informative, didn’t really excite me, however, the image of the keys has given me inspiration for a short story, maybe I will share it when I get it finished.
    Thank you for that.
