“Please create a strong password.”
– literally everywhere on the internet
We see a message like this just about every time we try to do something online. It seems that, especially lately, passwords are required for almost everything – whether you’re trying to access your bank account, checking your email, or even shopping online, you’re inevitably going to be asked to create a strong password.
Which begs some important questions, namely: why do you need a strong password? How can you create one? Moreover, just what is a “strong password” anyway?
What Is A Strong Password?
We say that a strong password is one that is easy for you to remember but difficult for someone else to guess, but what does that mean?
Basically, it means using a combination of letters or numbers or both, depending on the context, to create a password that you can practically use without it being so simple or obvious that others could guess it.
Why Do You Need a Strong Password?
Simply put, strong passwords ensure that your accounts stay safe and only accessible by you.
Accounts can be breached or hacked in a few different ways:
- Someone you know accesses your account without your consent.
- A piece of malware, like a virus, has infected your computer and stolen your password.
- A computer program, called an algorithm, is developed with the sole purpose of trying to guess passwords, and it has successfully guessed yours.
Creating a strong password is your best defense against all three of these methods.
How to Create a Strong Password
Creating a strong password is more of an art than a science. While there are certain elements that should be there, the rest is up to you.
Dos and Don’ts
Some general guidelines:
- Don’t use sequential numbers or letters
- Don’t use dictionary words
- Don’t use meaningful dates, like your anniversary, birthdates (of people or pets), etc.
- Don’t use things like cities, addresses, names, or other meaningful words or numbers
- Don’t include any letter or number combinations that can be traced back to you (e.g. don’t use the last 4 digits of your SIN as your PIN, don’t use your pet’s name, etc.)
- Do combine letters and numbers
- Do combine different words to create one password
- Do aim for at least 8 characters
- Do use a combination of upper and lower case letters
Creating an Alpha-numeric Password: The Sentence Approach
One of the easiest ways to create a password you can remember that will be difficult for others to guess is to use the sentence approach.
- Step One: Think of three or four Random Words
- Step Two: Come up with a strange yet memorable sentence containing your Random Words from Step One above
- Step Three: Replace some of the letters in your Random Words with numbers and try to “disguise” the words
- Step Four: Squish it together
- Step Five: Play around with capitalization
For example:
- Step One – My random words: Arkells, coffee, Picton
- Step Two – My sentence: Arkells drinking coffee in Picton
- Step Three – My replacements: 4rkls Coff3 P1ctn
- Step Four – My squished word: 4rklsCoff3P1ctn
- Step Five – My final password: 4rklsCoff3p1ctn
- Tip: If you have a tight character limit, such as 8, replace whole words with initials or numbers, like: ACf33p1c
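The Dos and Don’ts above can be turned into an automatic check. The following Python sketch is an added example, not part of the original article: the function names, the tiny word list and the sample personal details are all constructed for illustration, and a real check would load a full dictionary.

```python
import re

# Constructed sample word list; a real check would load a full dictionary.
DICTIONARY = {"password", "coffee", "summer", "dragon", "monkey", "welcome"}

def has_sequence(pw, run=3):
    """True if pw contains `run` consecutive ascending or descending characters (abc, 321)."""
    s = pw.lower()
    for i in range(len(s) - run + 1):
        chunk = s[i:i + run]
        if not chunk.isalnum():
            continue
        steps = {ord(b) - ord(a) for a, b in zip(chunk, chunk[1:])}
        if steps in ({1}, {-1}):
            return True
    return False

def check_password(pw, personal=()):
    """Return the list of guidelines pw breaks; an empty list means it passes.

    `personal` holds strings that can be traced back to the user
    (names, pet names, cities, years), supplied by the caller.
    """
    problems = []
    lower = pw.lower()
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    if not (re.search(r"[A-Za-z]", pw) and re.search(r"\d", pw)):
        problems.append("does not combine letters and numbers")
    if not (re.search(r"[a-z]", pw) and re.search(r"[A-Z]", pw)):
        problems.append("does not mix upper and lower case")
    if has_sequence(pw):
        problems.append("contains sequential letters or numbers")
    if any(word in lower for word in DICTIONARY):
        problems.append("contains a dictionary word")
    if any(p and p.lower() in lower for p in personal):
        problems.append("contains personal information")
    return problems

if __name__ == "__main__":
    # Constructed test inputs, plus the two passwords from the example above.
    for candidate in ("4rklsCoff3p1ctn", "ACf33p1c", "password123", "Rex1985"):
        print(candidate, "->", check_password(candidate, personal=["Rex", "1985"]) or "OK")
```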
Creating a Numerical Password: The Short Word Approach
What if you need to create a PIN or other numeric password?
One common approach is to think of a short word, and then think of numbers you would associate with that word. However, avoid using your phone’s keypad to spell out words in numbers. For example, if you like the word SAFE, don’t use “7233” (the numbers on a phone pad that correspond with the letters S-A-F-E). Instead, try to think of numbers you would associate with that word, like: 2473 (with the 4 representing “A” and the 3 representing “E”).
Alternatively, you could push two different numbers together to create one four-digit number.
For example, you could use the years you saw your two favourite concerts:
- Two best shows I saw were in 2009 and 2022 (both Arkells concerts, btw)
- So my PIN could be: 0922
Or you could use the day your favourite movie came out:
- Return of the Jedi was released May 25, 1983
- So my PIN could be 0583 or 2583 or 0525
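The keypad warning above can also be checked in code. This Python sketch is an added example, not part of the original article: it flags a PIN that spells a word on a standard phone keypad, or that can be built from a date tied to you (such as a birthdate) using the same month, day and year pieces shown in the movie example. The word list, function names and sample birthdate are constructed for illustration.

```python
# Letter groups on a standard phone keypad.
KEYPAD = {"2": "abc", "3": "def", "4": "ghi", "5": "jkl",
          "6": "mno", "7": "pqrs", "8": "tuv", "9": "wxyz"}
LETTER_TO_DIGIT = {ch: d for d, letters in KEYPAD.items() for ch in letters}

# Constructed sample list of short words; a real check would use a larger one.
WORDS = ["safe", "love", "home", "pass", "cash", "lock"]

def keypad_digits(word):
    """Digits you would press to spell `word` on a phone keypad."""
    return "".join(LETTER_TO_DIGIT[c] for c in word.lower())

def keypad_words(pin, words=WORDS):
    """Words from the list whose keypad spelling equals the PIN."""
    return [w for w in words if len(w) == len(pin) and keypad_digits(w) == pin]

def personal_date_pins(day, month, year):
    """Four-digit PINs that can be built from one date: MMYY, DDYY, MMDD, DDMM, YYYY."""
    dd, mm, yyyy = f"{day:02d}", f"{month:02d}", f"{year:04d}"
    return {mm + yyyy[2:], dd + yyyy[2:], mm + dd, dd + mm, yyyy}

def check_pin(pin, personal_dates=()):
    """Return the problems found with a PIN; an empty list means none were found.

    `personal_dates` is a list of (day, month, year) tuples that can be
    traced back to the user, supplied by the caller.
    """
    problems = []
    spelled = keypad_words(pin)
    if spelled:
        problems.append("keypad spelling of: " + ", ".join(spelled))
    if any(pin in personal_date_pins(*d) for d in personal_dates):
        problems.append("derived from a personal date")
    return problems

if __name__ == "__main__":
    birthday = [(14, 2, 1990)]  # constructed sample birthdate
    for pin in ("7233", "2473", "0922", "0214"):
        print(pin, "->", check_pin(pin, birthday) or "OK")
```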
Keeping Your Passwords Secure
Once created, your next job is to keep your strong passwords secure.
Don’t Share
A huge part of this is not sharing your passwords with other people. While you may trust your best friend or your children, you can’t always account for their actions or the actions of others. For example, you might email a password to your child, and then they might lose their phone. Or your best friend might allow her browser to “remember” your password, accidentally giving anyone who uses the family computer access to your accounts in the process.
When To Change Your Password
If you are dealing with highly secure or sensitive information, it might be wise to change your passwords once every few months.
But Don’t Change Too Often
However, for the average person sending or receiving personal, but not highly confidential or sensitive, information, it’s only recommended that you change your passwords:
- Once every few years
- If you’ve been a victim of a data breach
- If there was malware on your device
- If you haven’t used the account in a while
- If you’ve logged into the account using someone else’s device
- If you have previously shared your password
Upcoming articles will discuss how to safely store your strong passwords and what to do if you think your passwords have been compromised.