How to create a hack-proof password
Authored by a Symantec employee
Passwords are to a hacker like your house keys are to a thief. Think of your passwords as your digital keys. They open the door to your personal digital life, including your networks of friends and colleagues, contacts, photos, videos, emails, and even banking and payment details. This is why you should use strong passwords that can’t be easily hacked instead of weak passwords.
Device security, Dark Web Monitoring powered by LifeLock and a VPN–up to 65% off*
NEW Norton 360 has multiple layers of protection including a VPN for online privacy.
Hackers easily crack weak passwords
Examples of weak passwords are those that feature common words, include your well-known personal information, or are less than eight characters long. Hackers don’t need to expend much effort to crack these types of passwords. Instead, they can use these three techniques to hack your passwords:
- Dictionary attacks. This type of attack relies on programs that cycle through a predetermined list of common words or phrases often used in passwords. To protect your accounts from dictionary attacks, avoid using common words and phrases in your passwords.
- Social media information. Our social media accounts are gold mines of information. Posting photos of your new puppy, Buddy, or displaying the name of your high school may sound harmless. But cybercriminals can use the information you provide to access your accounts. “What is the name of your pet?” and “Which high school did you go to?” are standard security questions your account’s system may ask as part of a password verification process whether it’s you answering or a hacker.
- Password crackers. Programs called password crackers use brute force to break a password by repeatedly trying millions of combinations of characters until the password is cracked. Shorter and less complex passwords are quicker to guess for these types of programs.
7 simple steps to create a hack-proof password
Creating a hack-proof password can be simple once you follow these easy steps to make your passwords strong and complex:
- Never use phone numbers, addresses, birthdays, your SSN, your name, family members’ names, or pets’ names in your password.
- Select a combination of uppercase and lowercase letters, numbers, and symbols for your passwords.
- Never use common passwords like “123456,” “password,” or “qwerty.”
- Make sure your passwords are at least eight characters long. Passwords with more characters and symbols are more difficult to guess.
- Don’t use common words or phrases in your passwords. If you want to use them, alter the word or abbreviate the phrase. For example, if you want to use the word “eleven” you can convert it to “e13v3N.” Or if you want to use the phrase “I love to shop” you can change it to “1luv2sh0p.” Make it even stronger by adding symbols and punctuation: “#1Luv2sh0p!”
- Opt for two-factor authentication (2FA) or multi-factor authentication whenever offered to add an extra layer of protection to your accounts. For example, in addition to logging in with a username and password, you’ll use an additional code received via text to complete your account login.
- Use password management systems, like Norton Identity Safe Password Manager and Generator, to help you create and remember complex passwords.
More ways to protect your password
Now that you have complex passwords, take these easy precautions to further protect them and your accounts.
- Don’t use the same password across different websites.
- Never share your passwords with anyone.
- Change your passwords regularly. Every three months is a good rule of thumb.
How hackers hack passwords
To learn more about how hackers steal passwords, watch this 30-second video.
Editorial note: Our articles provide educational information for you. Norton LifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.
Copyright © 2019 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.
No one can prevent all identity theft or cybercrime. Not all products, services and features are available on all devices or operating systems. System requirement information on norton.com.
*Important Subscription, Pricing and Offer Details:
- The price quoted today may include an introductory offer. After that, your membership will automatically renew and be billed at the applicable monthly or annual renewal price found here.
- You can cancel your subscription at my.norton.com or by contacting Member Services & Support. For more details, please visit the Refund Policy.
- Your subscription may include product, service and /or protection updates and features may be added, modified or removed subject to the acceptance of the Customer Agreement.
The number of supported devices allowed under your plan are primarily for personal or household use only. Not for commercial use. If you have issues adding a device, please contact Member Services & Support.
§ Dark Web Monitoring in Norton 360 plans defaults to monitor your email address only. Please login to the portal to review if you can add additional information for monitoring purposes.