SkipToMainContent

Device Security

Help secure your accounts with these strong password tips

April 15, 2022

It’s no secret that passwords have substantial monetary value to cybercriminals. The importance of using secure, unique passwords is growing as you entrust increasing amounts of personal information to organizations and businesses that can fall victim to data breaches and password leaks. Although there may be little you can do to prevent a large-scale data breach, you can take the precaution of making sure you craft strong usernames and passwords for your online accounts.

How to create a strong password

Follow these tips to help yourself craft unique, complex passwords.

Do not use personal information

Don’t use your name or names of family members or pets in your passwords. Don’t use numbers like your address, phone number, or birthdays, either. These can be publicly available, on forms you fill out or on social media profiles, and easily accessible to hackers.

Do not use real words

Password cracking tools are very effective at helping attackers guess your password. These programs can process every word in the dictionary, plus letter and number combinations, until a match is found. Steer clear of using real words from the dictionary or proper nouns or names.

Instead, use special characters. By combining uppercase and lowercase letters with numbers and special characters, such as “&” or “$,” you can increase the complexity of your password and help decrease the chances of someone potentially hacking into your account.

Create longer passwords

The longer the password, the harder it may be to crack. Try for a minimum of 10 characters.

Modify easy-to-remember phrases

One tip is to think of a passphrase, like a line from a song, and then use the first letter from each word, substituting numbers for some of the letters. For example: “100 Bottles of Beer on the Wall” could become “10oBb0tW”.

Don’t write them down

Resist the temptation to hide passwords under your keyboard or to post them on your monitor. Stories about hackers getting passwords by rummaging through trash, also known as dumpster-diving, are absolutely real.

When you type your password in a public setting, make sure no one is watching or looking over your shoulder.

One way to store and remember passwords securely is to use a tool that keeps your list of usernames and passwords in encrypted form. Some of these tools, called password managers, will even help by automatically filling in the information for you on some websites.

Change passwords on a regular basis

Passwords for your online financial accounts should be changed every month or two. Computer login passwords should be changed at least once a quarter. Using the same password for longer periods could put your information at risk if a data breach occurs.

Use different passwords on different accounts

Don’t use the same password on more than one account. If a hacker cracks it, then all of the information protected by that password on other accounts could also be compromised. Norton Password Manager to help create unique and strong passwords.

Do not type passwords on devices or networks you do not control

Never enter your password on another person’s computer. It could be stored without your knowledge.

When using your devices on public Wi-Fi, you should avoid visiting websites that require you to log in to your account, such as online banking or shopping. When you’re on an unsecured public network, your unencrypted data could be intercepted by a nearby hacker. To protect yourself from these threats, you should always use a virtual private network (VPN), like Norton Secure VPN, when on a public Wi-Fi connection.

What is two-factor authentication, and how does it work?

Two-factor authentication, or 2FA, is a method of verifying your identity that adds a second layer of security to your account password. Types of two-factor authentication can include any of the following:

  • Something you know: a PIN number, password, or pattern
  • Something you have: an ATM or credit card, mobile phone, or security token
  • Something you are: a biometric form of authentication, such as your fingerprint, your voice, or your face

Extra security for your passwords

With two-factor authentication (2FA), you get an extra layer of security that hackers may not be able to crack as easily, because the criminal needs more than just the username and password credentials. You may already be using 2FA without realizing it. Your ATM card is an example, combining your physical card and your PIN.

Remember that nothing is 100% secure, and even 2FA can be vulnerable to hackers. If a cybercriminal gains access to the email account associated with your 2FA information, they could reset your password by selecting “Lost/Forgot password” on a given site’s login page. This password recovery option could completely bypass 2FA and allow the hacker to create a new password, locking you out of your account. Be sure to monitor your email account for messages requesting password changes.

Norton Password Manager is included in all Norton 360 plans. It provides you with the tools you need to create, store, and manage your passwords, credit card information, and other credentials online - safe and in a secure vault. Norton Password Manager:

  • Securely stores and remembers all your usernames, passwords and more so you don’t have to
  • Automatically fills in your usernames and passwords for you
  • Let’s you access usernames, passwords and other profile information from your Mac, PC or mobile device
  • Securely stores addresses and other important information to help fill in online forms for fast online checkout
  • Warns you of suspicious sites while you surf and search the web on your mobile device

Passwords are just one piece of the protection puzzle. You’ve got a subscription to Norton to protect your computer against viruses and malware. Upgrade to Norton 360 to get Password Manager and to provide you with multiple layers of protection for your devices, online privacy and identity.

Healthy passwords for a healthy online life.

Secure. Smart. Simple. Designed to help create and store hard-to-break passwords so that you don’t have to remember them. *


Don’t have our one of our newest Norton 360 plans yet?
Click here to upgrade.


No one can prevent all cybercrime or identity theft. Not all products, services and features are available on all devices or operating systems. System requirement information on norton.com
§ Dark Web Monitoring in Norton 360 plans (without LifeLock) defaults to monitor your email address only. Log in to your account to enter more info for monitoring purposes. If you are a current LifeLock member, you can manage those settings in the LifeLock member portal.


Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Copyright © 2022 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.