Skip to main content
SECURITY

Tips for creating strong and secure passwords (you’ll actually remember) 

What we'll cover

  • Best practices for creating secure passwords

  • Tips for remembering your passwords

  • Other tools to help you keep your online data safe

Managing an endless stream of passwords is now a fact of life. The temptation to get complacent and use the same one on repeat is real. But experts warn that strong and varying passwords are key to keeping your personal information safe. Now is the time to commit to stronger passwords for all of your online accounts and devices. Here’s how:

Create more secure passwords with these three things in mind

Some sites have a password strength meter of some kind (those prompts that let you know how strong your proposed password is), but many don’t. So it’s up to you to create strong passwords. While there’s no one way to build a memorable, hard-to-break password, the good ones do have some things in common:

  • They’re long (aim for at least 10 to 12 characters, but 16 to 18 or even 20 is even better)

  • They avoid common names, places and dictionary words

  • They use a random mixture of uppercase and lowercase letters along with numbers and symbols

Of course, creating strong passwords is one thing, remembering them is another. Read on for ideas on how to manage and remember your secure passwords.

Try turning a sentence or phrase into a password

Creating strong passwords is one thing, remembering them is another. To give your brain a break, consider a sentence or phrase you can easily recall. Combine that approach with the tips from above — by spelling out the phrase with letters, numbers and symbols — and you’ll be on your way to a secure password. For example:

  • I used to live in Wisconsin= iu$ed2l!vNW!

  • Summer rain clouds = suM3rra!nclwdZ

For sites that don’t allow the use of symbols, get creative with punctuation and capitalization. Be sure you don’t simply replace letters with numbers, as many code-breaking software programs scan for those simple tricks. And don’t use family names, birthdays, anniversaries, or common phrases from literature. The more nonsensical it appears to others, the better.

Quick tip: While symbols and numbers are a great way to mix up your passwords, avoid common letter substitutions like @ for a and 0 for o.

By enabling multi-factor authentication when possible, you can add another barrier between your personal information and cybercriminals.

Give your memory a fighting chance

If you want to harness the power of a memorization method backed by science, apply the PAO (Person-Action-Object) method to your password creation. With this method, you visualize a person, an action, and an object, then create a story for those images. The more unusual, the better. For instance, if your words are:

Person: Oprah
Action: cooking
Object: spaceship

Then our story would be: Oprah cooking in a spaceship. The easier it is to visualize and remember, the better. Once you have that story down, create a password using the tips from above, like OPcK!ngs8shIp.

Quick tip: Don’t base your password on easy things to figure out about you like your birthday or address.

Don’t reuse the same password

Tempting as it is, using the same password for all your devices and accounts is the virtual equivalent of putting all your eggs in one basket. If one of the sites you frequent experiences a data breach, your information could be compromised everywhere you use the same password.

Enable multi-factor authentication

Many sites and services have added additional layers of security to help protect users and avoid account breaches. By enabling multi-factor authentication when possible, you can add another barrier between your personal information and cyber criminals. Depending on the site, it may email or text a code to confirm your identity every time you log on.

Sign up for a password management service

Another way to keep track of your passwords is to sign up for a password management service. These services encrypt and store your passwords for you and even generate random new passwords when needed. Some are free and some come with a fee, it just depends on what works best for you.

You generally will need to remember a single master password that allows you to access your stored information. The best password management services integrate with your browser or mobile device. If you think this sounds like the way to go for you, simply search for a reputable provider and make sure you understand the terms of use.

Quick tip:  It may seem convenient, but don’t save your passwords or other login information in your browser. Cybercriminals can easily extract that information if your computer is ever hacked, making a bad situation worse.

Protecting your information is worth the effort

Creating and maintaining strong passwords may require a little creativity up front, but protecting your information is worth the effort. Victims of identity theft spend countless hours trying to resolve the credit problems, financial disputes and legal issues that result from the crime.

In addition to creating strong passwords to help protect your personal identification, remember to take a few other security precautions too. Choose a biometric authentication method, like fingerprint or facial recognition, whenever possible. Ensure that your computer’s antivirus and antispyware software are up to date, take care when using public Wi-Fi networks, and beef up the security of your own home wireless network.

Explore more

Save Spend Budget

Read next

Money solutions and strategies sent straight to your inbox.

Tips and tools to help you build your best financial future.

Let's Connect