You’ll need (multiple) strong passwords if you want to do just about anything online. From posting content to purchasing products, almost all of our online accounts require some form of password to gain access. No matter how secure you believe your accounts to be, no amount of privacy settings will protect you from a weak and easy-to-guess password.

While it may be much easier to set one short, simple password for all your accounts, it could be detrimental to do so. If all your accounts share a password, the only thing a hacker needs to do is crack one password to access everything. Once that’s happened, they’ll simply reset all your passwords and then there’s very little chance of you regaining access to your accounts.

One of the most common mistakes people make when setting new passwords is basing them on personal information, such as names of family members, birthdays, pets’ names, email addresses or physical addresses. This information is often already online, so it wouldn’t be difficult for a hacker to guess. Another downfall is having a password that is far too short. Passwords should be at least 6 characters long, however, the longer the password, the more secure your account is.

It’s recommended that your password is around 12 characters long and includes upper and lower-case letters, numbers, symbols, and punctuation marks. Your password should be random in the sense that it isn’t easily linked to your personal information, and unique to that specific account.

For example, Bobby is setting up his new Facebook page and has decided to use his name, his wife’s name, and the year they got married as his password.

Password: bobbykatie1999   

While it does meet the length requirement, this password is still very weak. It contains no uppercase letters or punctuation marks and uses way too much personal information. Instead, Bobby could try making it longer by using a phrase instead of words and using a custom acronym that is easy to remember.

New password:  1B<39h9w9K!

The new password is slightly shorter but looks entirely random. It would be extremely difficult for a computer to crack, let alone a human being. If we break the acronym down, or rather extend it to its original form, we’ll get “Bobby Loves His Wife Katie”, or “B<3hwK”. We’re using numbers and symbols to create a heart, which replaces the word “loves”. It still contains their wedding year, however, it is broken up throughout the password, instead of reading as a year. The new password contains upper and lower-case letters, numbers, a symbol, and a punctuation mark.  

The most secure passwords are randomly generated strings of letters, numbers, symbols, and punctuation. The only issue is remembering complex passwords like these. That’s where a password manager comes in. Password managers, like LastPass, allow you to store all your login information in a secure digital vault. It can only be accessed through the “Master Password”, which means you only need to remember one long, strong, and complex password. Most password managers have built-in password generators to create complex and unique passcodes, which will automatically be saved to your vault.

Keep these tips in mind the next time you create a new account or reset a password. You might even find that you want to go back and update some of your previous passwords.