How to make a strong password

How to make a strong password

The 10 worst passwords have been unveiled – if one of these is yours, we'll show you how to make a stronger one.

Reena Sewraz

Rights, Scams and Politics

Reena Sewraz
Updated on 20 October 2017

New data reveals the 10 worst passwords that criminals could crack in less than a second.

While they may be easy to remember, research from online retailer highlights how sequential numbers dominate the list.

If by some chance you have opted for one of the following to keep your data safe, we’d recommend changing it at your soonest convenience.

  • 123456
  • 1234567890
  • 123456789           
  • 1234567
  • qwerty                   
  • password
  • 12345678             
  • 123123
  • 111111                      
  • 987654321

Another common option is to use personal information, such as a date of birth or a pet's name as these are also memorable.

Sadly, they’re also really insecure as they can easily be glean from social media profiles.

According to AO, a date of birth separated by full stops, for instance, would take a hacker just 13 seconds to crack.

How to make a strong password

A strong password is the first line of defence against hackers and the most important way to guard against cybercrime. It’s estimated that two million cybercrime offences were committed last year costing us £11 billion.

In the UK the National Cyber Security Centre (NCSC) part of GCHQ recommends using three random words to create a strong password.

Numbers and symbols can also be used to strengthen it, but the NCSC says using three random words is the key element that will beat hackers.

A spokesperson from the National Cyber Security Centre said: “Our research shows that the best way to make a password memorable and strong is to use three random words.

"It doesn't matter what inspires you - from watching sport to going out for a bite to eat, thinking random is the best way to keep yourself secure online”

Your most important accounts to protect are your email, social media and online banking accounts, so it’s important to use strong, separate passwords for each of these.

Government statistics show that only 35% of people in the UK are following the latest advice to make a strong password meaning nearly two thirds are putting themselves at risk.

The original password guidelines from America’s National Institute for Science and Technology written by Burr have recently been updated to do away with the old rules.

The new guidance is like the UK’s advice. It is centred around using long but easy-to-remember ‘passphrases’ that don’t need to feature special characters or numbers.

Using something like “horsecarrotsaddlestable” would take an estimated one trillion years for a cyber-attack bot to crack, compared to one minute for “P@55w0rd”. 

How to remember strong passwords

If you’re struggling to remember your super safe passwords, the Government has two ways to make it easier:

1.Loci method

Think of a familiar scene and place each item that needs to be remembered in a particular location i.e. red rose on the table, book on chair, poster on wall. Imagine yourself looking around the room in a specific sequence.

Re-imagine the scene and the location of each item when you need to remember it.

2.Story methods

Remember a sequence of keywords by creating a story and including memorable details e.g. ‘the little girl wore a bright yellow hat as she walked down the narrow street…’.

How to remember lots of different passwords

You should obviously avoid using the same passwords for everything. Using just one means if it’s cracked it could potentially act as a master key to unlock all your accounts.

It’s estimated that people have more than 30 different accounts to manage with varying passwords and PINs, which is a lot for anyone to remember.

It can be tempting to write these all down, but a better and safer way to keep track of your varying passwords is by using a password manager.

This type of software encrypts all your different passwords in one place and you only need to remember one password to access them.

For more on this, check out our guide: Password managers: everything you need to know.

Check your credit report for signs of suspicious activity like identity fraud

Most Recent