Top 5 tips for choosing strong passwords

Someday, the FIDO alliance (or somebody) will make it so we don’t need passwords. Until that day, you need them and you need to choose strong ones. Here are five tips for choosing strong passwords.

SEE: Identity theft protection policy (TechRepublic Premium)

1. 10 characters minimum. The longer the better. A 10-character password takes at least four months to brute force crack, 11 characters takes a decade, 12 characters takes two centuries… So yeah, longer is better.
2. Break up common words with random characters. Like a slash after the o in horse, a random number three in between the two ts in battery, or a close bracket before the l in staple. This is a way to use a passphrase which is easier to remember, but makes it much harder to guess.
3. Use a number. Put it somewhere beside the beginning or end and don’t use the number one. Most people make a password “secure” by adding a one to the end. Likewise, use another special character besides an exclamation mark–most people use an exclamation mark, and the attackers know this.
4. Capitalize at random. Yes capital letters make it harder to crack, but most people just capitalize the first letter. Don’t do that. Capitalize literally any other letter.
5. Use a password manager. Free yourself from having to create these passwords yourself. A good password manager will make randomized passwords that are difficult to crack and it takes the pressure off you.

Hopefully these tips will help get you through the long password-laden world until we reach that password-free secure future.

Subscribe to TechRepublic Top 5 on YouTube for all the latest tech advice for business pros from Tom Merritt.

Also see