How To

How to create a hack-proof password

Authored by a Symantec employee


Passwords are to a hacker like your house keys are to a thief. Think of your passwords as your digital keys. They open the door to your personal digital life, including your networks of friends and colleagues, contacts, photos, videos, emails, and even banking and payment details. This is why you should use strong passwords that can’t be easily hacked instead of weak passwords.

A security suite that helps protect your devices.

Free security software just doesn’t have the resources to keep up with new threats as they emerge. That’s why you need a multi-layered defense to security. Meet Norton Security Premium — protection for up to 10 of your devices.

Hackers easily crack weak passwords

Examples of weak passwords are those that feature common words, include your well-known personal information, or are less than eight characters long. Hackers don’t need to expend much effort to crack these types of passwords. Instead, they can use these three techniques to hack your passwords:

  • Dictionary attacks. This type of attack relies on programs that cycle through a predetermined list of common words or phrases often used in passwords. To protect your accounts from dictionary attacks, avoid using common words and phrases in your passwords.
  • Social media information. Our social media accounts are gold mines of information. Posting photos of your new puppy, Buddy, or displaying the name of your high school may sound harmless. But cybercriminals can use the information you provide to access your accounts. “What is the name of your pet?” and “Which high school did you go to?” are standard security questions your account’s system may ask as part of a password verification process whether it’s you answering or a hacker.
  • Password crackers. Programs called password crackers use brute force to break a password by repeatedly trying millions of combinations of characters until the password is cracked. Shorter and less complex passwords are quicker to guess for these types of programs.

7 simple steps to create a hack-proof password

Creating a hack-proof password can be simple once you follow these easy steps to make your passwords strong and complex:

  1. Never use phone numbers, addresses, birthdays, your SSN, your name, family members’ names, or pets’ names in your password.
  2. Select a combination of uppercase and lowercase letters, numbers, and symbols for your passwords.
  3. Never use common passwords like “123456,” “password,” or “qwerty.”
  4. Make sure your passwords are at least eight characters long. Passwords with more characters and symbols are more difficult to guess.
  5. Don’t use common words or phrases in your passwords. If you want to use them, alter the word or abbreviate the phrase. For example, if you want to use the word “eleven” you can convert it to “e13v3N.” Or if you want to use the phrase “I love to shop” you can change it to “1luv2sh0p.” Make it even stronger by adding symbols and punctuation: “#1Luv2sh0p!”
  6. Opt for two-factor authentication (2FA) or multi-factor authentication whenever offered to add an extra layer of protection to your accounts. For example, in addition to logging in with a username and password, you’ll use an additional code received via text to complete your account login.
  7. Use password management systems, like Norton Identity Safe Password Manager and Generator, to help you create and remember complex passwords.

More ways to protect your password

Now that you have complex passwords, take these easy precautions to further protect them and your accounts.

  • Don’t use the same password across different websites.
  • Never share your passwords with anyone.
  • Change your passwords regularly. Every three months is a good rule of thumb.

How hackers hack passwords

To learn more about how hackers steal passwords, watch this 30-second video.

Our best protection. One low price

Norton Security Premium helps protect up to 10 of your Windows PCs, Macs, Android smartphones or your iPads.

Editorial note: Our articles provide educational information for you. Norton LifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Norton by Symantec is now Norton LifeLock. LifeLock™ identity theft protection is not available in all countries.

Copyright © 2019 Symantec Corporation. All rights reserved. Symantec, the Symantec logo, the Checkmark logo, Norton, Norton by Symantec, LifeLock and the LockMan logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the United States and other countries. App Store is a service mark of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution Licence. Other names may be trademarks of their respective owners.