password security

Strong Passwords: Vital to Security

Vendor information management specialists have heard it before. Strong passwords are vital to security. Their value cannot be overstated. Passwords are gatekeepers to our online identities, financial information, and processes, and they are the first defense against cyber threats. Understanding how to create a robust password is essential for anyone navigating the internet.

Yet, cybersecurity surveys reveal yearly that many people settle for the same simple, weak passwords. Common examples include:

  • admin
  • 123456789
  • password
  • Aa123456
  • 111111
  • P@ssw0rd
  • abc123
  • test
  • guest
  • Welcome@123

Hackers can crack these passwords within seconds! If you’re using any of the passwords above, it’s time to change them immediately.

But what makes a good password? Advice has varied in the past, but the consensus now is that longer is better. Cybersecurity firm Hive Systems has published a table providing guidelines demonstrating the elements of a secure password. It shows how long brute-force hack attacks take to crack passwords of various lengths and character types and mixes.

Passwords may be cracked anywhere from instantly (not secure) to 19 quintillion years (very safe, at least until quantum computing becomes a real thing). Here’s the table.

Password Strength Table

Credit: Hive Systems – see methodology here.

Current Best Practices for Creating Strong Passwords

As the table shows, the best practices for creating secure passwords involve both length and complexity. You should aim for at least 12-16 characters and include a mix of uppercase and lowercase letters, numbers, and special symbols. The longer and more complex the password, the harder it is to crack. Hackers using current hardware and hashes will take a million years or more to crack it.

The challenge of length and complexity is remembering your passwords. Note the plural–another vital safeguard is to use different passwords for everything.

Do not yield to the temptation to use common words and patterns. Steer clear of dictionary words alone, simple sequences (like 12345), repeated characters (like aaaa) and popular phrases (like ‘maytheforcebewithyou’). These are easily predictable and often the first targets during brute force attacks. Also, avoid substituting numbers for letters or vice versa (like L1nc0ln); that is not as clever as we think.

To help you remember, use passphrases instead of passwords. A passphrase is a sequence of words or other text that creates a longer password that is easier to remember and more secure. For example, “BluePuppy!CoffeeMug@9” – combining a few random words with numerals and symbols.

Additional Approaches

Utilize a Password Manager: These tools generate, retrieve, and keep track of long, complex passwords for multiple accounts, so you don’t have to memorize them all. They also help by creating unique passwords for each site.

Enable Multi-Factor Authentication (MFA): Whenever possible, enable MFA. MFA adds an additional layer of security by requiring two or more verification methods to gain account access, such as something you know (a password or PIN) and something you have (a smartphone to receive a verification code).


A strong password is a crucial component of online security. It protects your digital and personal information from unauthorized access and cyber threats. You can significantly enhance your cybersecurity posture by following current best practices for password creation and staying informed about the dangers of weak passwords. Remember, your passwords are the key to your digital life; make them strong and secure.

Similar Posts