Passwords are the keys used to lock and unlock the majority, if not all, of the data and information we need to keep safe. In the cyber world, passwords play an even more integral role, where entire cyber systems, government systems and businesses can be brought down if one password is not strong enough.

Using strong passwords is at the forefront of almost all solutions to web security problems or vulnerabilities. Whether you are a government organisation, a business or an ordinary person, you must create strong and hard-to-predict passwords. In this article, you’ll learn the rules of password creation, its requirements and how to always generate strong passwords.

What are Passwords?

A password is defined as a sequence of letters, numbers, and symbols that allow access to an account, server, or service. In government organisations and businesses, passwords are one of the steps in the line of system protection used to fortify the cyber defences against cyberattacks. Literally, everything around you in this age of technological advances is password-protected.

Passwords can serve several purposes: granting access, acting as a verification step, or being used alongside another verification method such as a fingerprint or eye scan. Because of the information they protect, changing your passwords every three months, especially those to your online banking account, is advisable.

Rules to Follow When Creating Your Passwords

While governments have set a general framework for creating passwords and a great number of organisations set their own password policy that users must adhere to, there are general rules when it comes to creating a password, such as:

  • Password length, where some organisations require passwords to be at least 8 characters.
  • Some elements are prohibited, such as your name, birth date, address or even telephone number.
  • The use of both uppercase and lowercase letters.
  • Numbers must be used.
  • Symbols and special characters must be used.

How to Always Generate Strong Passwords

A rule of thumb is that if the password is easy for the user to memorise, then it is easy for the attacker to guess, especially if the attacker has some knowledge about the user, such as their name or birth date. However, passwords must not be too difficult to remember since this can cause problems for both the user and the system.

A list of the most commonly used passwords was compiled and released by Google in 2013. These were among some of the easiest to guess and crack, especially if the perpetrator can obtain any of these by searching for the person on social media websites:

  1. The name of a family member, partner or pet.
  2. Both birthdays and anniversary dates.
  3. Hometown or birthplace.
  4. Favourite holiday.
  5. Favourite sports team.
  6. Using the word “password”.

The tricky part is creating a password that is both easy to remember and difficult to crack, and a simple technique makes that possible. Here are guaranteed steps to always create a strong password:

  1. Length: Strive for a minimum of 12 characters, but remember, the longer, the better. The additional characters significantly increase the number of possible combinations, making it exponentially harder for attackers to crack using brute-force methods.
  2. Complexity: Weave together a combination of uppercase and lowercase letters, numbers, and symbols. This diversity creates a complex combination that resists various hacking attempts, including those that target commonly used dictionary words or simple letter patterns.
  3. Uniqueness: Each account deserves its own unique password. Resist the temptation to reuse the same password across different platforms. If one account succumbs to a breach, your other accounts remain protected.
  4. Avoid Personal Information: Steer clear of incorporating personal details like birthdays, addresses, or pet names into your passwords. This information is often readily available on social media or through other online channels, making it easy for someone to guess your password.

Creating Strong and Memorable Passwords

Creating strong passwords is crucial, but memorising complex strings of characters can be daunting. Here are some clever strategies to craft passwords that are both secure and easy to recall:

Embrace the Passphrase: Ditch single words and weave a tapestry of words meaningful to you. For example, instead of “password,” use a phrase like “MidnightSnack1985!” This blends multiple words, incorporating length and complexity without sacrificing memorability.

Craft a Mnemonic Masterpiece: Utilise a memory aid, like a sentence or song lyric, to recall the sequence of characters in your password. For example, the first letter of each word in the sentence “My favourite food is pizza on Fridays!” can be transformed into “Mfpi0F!”. This method allows you to create a complex password based on something you already remember.

Never Ensnare Your Passwords in Ink: Resist the urge to write down your passwords anywhere, not on sticky notes, scraps of paper, or even in your phone’s notes app. If someone gains access to these physical or digital locations, your security is compromised.

Here are some additional tips to enhance your password creation process:

  • Personalise your passphrase: Consider adding a personal touch to your passphrase by incorporating a special symbol related to its meaning. For example, if your favourite book is “The Lord of the Rings,” your passphrase could be “OneRingToRuleThemAll!”
  • Substitute characters: Replace some letters in your passphrase with numbers or symbols that resemble the original letter. For instance, “S” can be replaced with “$,” “E” with “3,” and “A” with “@.” This adds complexity without sacrificing memorability.
  • Use a password manager: Consider using a reputable password manager to securely store and manage your passwords. This eliminates the burden of remembering numerous complex passwords and allows you to focus on creating strong and unique ones for each account.

Remember, consistency is key. By applying these techniques and creating unique passwords for each account, you can build a robust defence against unauthorised access, ensuring the safety of your online havens.

Common Mistakes to Avoid

While creating strong passwords is essential, it’s equally important to avoid practices that can compromise their effectiveness. Here are some common password mistakes to steer clear of:

  1. Falling Prey to the Obvious: Avoid using weak passwords like “password123” or “123456”. These simple combinations are easily cracked by automated programs and offer little protection.
  2. The One-Size-Fits-All Fallacy: Reusing the same password for multiple accounts is a recipe for disaster. If one account is compromised, all your other accounts using that same password become vulnerable as well.
  3. Sharing is Not Caring: Sharing your passwords with anyone, even close friends or family, is a security risk. If their device gets compromised, your passwords could be exposed, putting your accounts at risk.
  4. The Inconvenience Trap: While it might seem tempting to write down your passwords for easy reference, this practice is highly discouraged. If someone finds your notes, they have immediate access to all your accounts.
  5. Predictable Patterns: Avoid using easily guessable patterns on your keyboard, such as “qwerty” or “1234567890”. These patterns are quickly identifiable and offer minimal protection.
  6. Personal Information Bonanza: Refrain from incorporating personal details like birthdays, addresses, or pet names into your passwords. This information is often publicly available online and can be easily used to guess your password.
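The creation steps and the mistakes listed above can be turned into an automated check. The following is an added example, not code from the original article: the function names, the short deny list (taken from the weak passwords the article names) and the `personal_info` parameter are assumptions made for illustration. Look-alike substitutions such as “$” for “S” are undone before comparison so that a denied word written with them is still caught.

```python
import math
import string

# Weak passwords and keyboard patterns named in the article (not a full deny list).
DENYLIST = ("password", "123456", "qwerty", "1234567890")
# Look-alike substitutions the article lists, undone before comparing.
UNLEET = str.maketrans({"$": "s", "3": "e", "@": "a"})
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)
MIN_LENGTH = 12  # the article's recommended minimum


def normalise(text):
    """Lower-case the text and reverse the look-alike substitutions."""
    return text.lower().translate(UNLEET)


def search_space_bits(password):
    """length * log2(pool): an upper bound on brute-force work. It does not
    measure predictability, which the deny-list checks below cover."""
    pool = sum(len(cls) for cls in CLASSES if any(c in cls for c in password))
    return round(len(password) * math.log2(pool), 1) if pool else 0.0


def check_password(password, personal_info=()):
    """Return the rules the password breaks; an empty list means it passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if not all(any(c in cls for c in password) for cls in CLASSES):
        problems.append("missing character class")
    plain = normalise(password)
    if any(normalise(bad) in plain for bad in DENYLIST):
        problems.append("common password or keyboard pattern")
    # personal_info: names, dates, towns and similar details supplied by the caller
    if any(len(item) >= 3 and normalise(item) in plain for item in personal_info):
        problems.append("contains personal information")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords, for demonstration only.
    for pw, info in [("password123", ()), ("P@$$word2024!", ()),
                     ("Rex-Loves-Walks-1990", ("Rex", "1990")),
                     ("MidnightSnack1985!", ())]:
        print(pw, search_space_bits(pw), check_password(pw, info))
```
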

Password Security Best Practices

Strong passwords are essential in today’s digital world, but they’re not enough on their own. Here are some key practices to take your account security to the next level:

  • Activate two-factor authentication (2FA) whenever possible: Think of 2FA as an extra lock on your door. Even if someone has your key (password), they can’t enter without the additional code, typically sent to your phone or generated by an app. This significantly raises the barrier for attackers, making it much harder for them to breach your accounts.
  • Beware of phishing scams: Phishing emails and websites try to deceive you into revealing your password or other sensitive information. Be cautious of any unsolicited emails or messages urging you to click on links or download attachments. Always verify the sender’s legitimacy before interacting with any suspicious content.
  • Utilise a password manager: Juggling multiple complex passwords can be challenging. A reputable password manager securely stores and manages your passwords, eliminating the need to remember them all. This not only simplifies your life but also encourages the use of unique, strong passwords for each account, further bolstering your security posture.

Handling Breaches

Even the most cautious individuals may encounter a password breach at some point. Here’s what you should do if you suspect your password has been compromised:

1. Immediate Action

  • Change your password: This is the most crucial step. Create a new, strong, and unique password for the affected account immediately. Don’t reuse the old password or any variation of it.
  • Enable two-factor authentication (2FA): If you haven’t already, activate 2FA for the compromised account and any other accounts where it’s available. This adds an extra layer of security, making it harder for unauthorised access even if your password is compromised.

2. Assess the Damage

  • Check for suspicious activity: Review your account activity for unauthorised logins, settings changes, or unusual purchases. If you notice anything suspicious, report it immediately to the platform or service provider.
  • Scan for malware: Run a thorough malware scan on your device to ensure no malicious software is capturing keystrokes or other sensitive information.

3. Proactive Protection

  • Change passwords for other accounts: If you use the same password for other accounts, change them immediately as well. Remember, using unique passwords for each account significantly reduces the risk of cascading breaches.
  • Monitor for future breaches: Consider using a service that monitors data breaches and alerts you if your email address appears in any compromised databases. This allows you to take proactive steps to secure your accounts.

4. Reporting and Assistance

  • Report the breach: If you believe the breach originated from a specific website or service, report it to their security team. This helps them investigate the incident and improve their security measures.
  • Seek help if needed: If you’re unsure how to proceed or encounter difficulties managing your passwords, don’t hesitate to seek help from a trusted friend, family member, or tech-savvy individual. You can also contact the customer support of the affected platform or service for guidance.

Conclusion

Remember, vigilance and prompt action are key in mitigating the damage caused by a password breach. By following the steps mentioned above, you can regain control, minimise potential losses, and strengthen your overall online security posture. Be mindful of these common pitfalls and adopt strong password practices, and you will significantly bolster your online security and safeguard your valuable information.