Password security: How to create strong passwords in 5 steps

If you look back on the first time you created a password — be it for an email account or social media platform — you were probably told to think of a unique and complex password to help protect your information. Password security has always been relevant, but it has become even more so today as cybercriminals continue to think of new and innovative ways to hack accounts and get ahold of your personal data. 

In order to keep your accounts, information, and devices Cyber Safe, you'll need to know how to create a strong password. But you may be asking yourself, “What is a good password?” 

How to create a strong password

Here are instructions on how to create a strong password that you can rely on:

1. Never use personal information: Strong passwords shouldn’t include references to personal information such as names, birthdays, addresses, or phone numbers.
2. Include a combination of letters, numbers, and symbols: Secure passwords include a variety of random characters, numbers, and letters to make the password more complex.
3. Prioritize password length: Safe passwords should be at least 16 characters long to lessen the chances of falling victim to a data breach or cyberattack. 
4. Never repeat passwords: Reusing the same password for different accounts puts you at risk of credential stuffing attacks frequently used by cybercriminals. 
5. Avoid using real words: Hackers use malicious programs that can process every word found in a dictionary to crack passwords. Stay away from using proper nouns and other standalone dictionary words that could lead to an unsecure password. 

Why is password security important?  

With 68 percent of people reusing the same security password for different accounts, it's needless to note that the majority of people need to rethink their password security. Hackers have been diligent in ideating new techniques to steal your information, putting your data, privacy, and cybersecurity at risk.   

Without having password security best practices top of mind, individuals and businesses alike could be leaving themselves open to cybersecurity threats. Some potential consequences of weak password security include:

• Data breaches
• Identity theft
• Computer hijacking
• Blackmail
• Loss of privacy  

Inadequate password security could not only endanger the Cyber Safety of individuals and customers, but also could lead to financial troubles. Cybercriminals are often looking for ways to access personal banking information or use ransomware to make themselves a profit. Businesses and individuals within the U.S. lost nearly $4.2 billion to cybercrimes within the last year alone.

How does a password get hacked?

 

There are many ways for cybercriminals to hack the security passwords you took the time to dream up. Here’s a list of a few commonly used techniques to look out for.  

Dictionary attacks  

Dictionary attacks are a type of brute force cyberattack. Hackers use malicious programs to scan and test every word within a dictionary as a person’s password. These types of cyberattacks are why we emphasize the use of different letters, numbers, and symbols when creating secure passwords.

• Password Security Tip: Avoid real words and incorporate a variety of letters, numbers, and characters. 

Phishing scams 

Phishing is a type of social engineering scam that tries to trick users into supplying their login credentials online. Hackers use malicious links and cloned websites to imitate legitimate businesses, presenting a fake form to input your login information.  

• Password Security Tip: Always check the links you’re clicking on and take advantage of the Norton Smart Firewall to block suspicious traffic and malicious attacks. 

Password spraying

Password spraying is a hacking technique that cybercriminals use to guess the passwords of their potential victims. The method uses an extensive list of frequently chosen passwords to test against an individual’s username. If there is a match, the hacker will get access to the account information.  

The remedy for this type of cyberattack falls back on creating strong, unique passwords and avoiding easy-to-remember phrases, which makes password spraying incredibly difficult for the cybercriminals at large.  

• Password Security Tip: Don’t fall back on commonly used passwords, such as “12345” or “qwerty.” Instead, use Norton Password Manager, included in your subscription, to create unique passwords and safely store them for each of your online accounts. 

Keylogging 

Keylogging involves the installation of malware that can track a person’s keystrokes as they type on their computer. Though these attacks are more difficult to pull off compared to phishing and password spraying attacks, it could lead to a hacker figuring out usernames and passwords if they pay enough attention.

Because the attacker is able to see what you’re typing, creating a strong password really won’t do anything to protect you. Get the full value of your Norton 360 subscription by installing protection on all of your devices to alert you of a potential keylogging threat on your device.

• Password Security Tip:  Install Norton 360 on all your devices to monitor against potential malware threats. 

Credential stuffing attacks 

Not to be confused with password spraying, credential stuffing uses known passwords to gain access to account information. This differs from password spraying because the passwords tested during credential stuffing attacks are stolen credentials obtained in a previous data breach.

Protecting yourself against credential stuffing mainly involves remembering to never reuse the same passwords for different accounts — no matter how unique it may seem. This endangers your most sensitive data, which could put you in an undesirable situation.  

• Password Security Tip: Create unique passwords for each of your online accounts and store them safely in your encrypted online vault with Norton Password Manager. 

Password security is important, but it’s only one part of your cybersecurity puzzle. To create a reliable cybersecure ecosystem for yourself, you’ll want to think about all the ways you can protect your devices, from installing Norton 360 on all of your devices to using Norton Password Manager to create and safely store stronger passwords in your own encrypted, online vault. Adopting this kind of mindset will make you a tough match against the tricks cybercriminals have up their sleeves.