To keep your accounts secure, make a strong password that's difficult to guess and store it in a password manager so you won't forget. A super-strong password is more resistant to guessing, so it's unlikely to be found in a brute force dictionary hack.
Examples of Bad Passwords
Hackers and computer intruders use automated software to submit hundreds of guesses per minute to user accounts and attempt to gain access. These tools use lists of dictionary words to guess the password sequentially. Some tools add common symbols, numbers, or signs that may be added to the password to make it more complicated.
Never use password as your password. A surprising number of people make this mistake.
Dictionary hacking tools that use an English dictionary list easily find words in that dictionary. If the simple word doesn't give access to an account, the device modifies the submission and tries other iterations of the same word.
For example, a Dictionary hacking tool would attempt these iterations of the word Dog:DogDogsDogcatcherDogcatchersDogberryDogberriesDogmaDogmaticDogmatizedDog1Dog2Dog3Dog4
Password-guessing tools submit hundreds or thousands of words per minute. If a password is anything close to a dictionary word, it's incredibly insecure. When a password does not resemble any regular word patterns, it takes longer for the repetition tool to guess it.
Passwords with personal information, such as the user's birthdate or street address, are easy targets for hackers, as well.
How to Make Your Password More Secure
The best way to create a secure password is to start with a simple password and turn it into one that's much more complex.
The table below shows examples of a simple password that is progressively made more complex. The first column lists simple words that are easy to remember and are found in the dictionary. The second column is a modification of the first column. The last column shows how the simple password is converted into one that is harder to figure out.OK PasswordBetter PasswordExcellent Passwordkitty1Kitty1Ki77ysusanSusan53.Susan53jellyfishjelly22fishjelly22fi$hsmellycatsm3llycat$m3llycatallblacksa11Blacksa11Black$usher!usher!ush3rebay44ebay.44&[email protected]@ilovemypiano!LoveMyPiano!Lov3MyPianoSterlingSterlingGmal2015SterlingGmail20.15BankLoginBankLogin13BankLogin!3
Here are other examples of password variations that purposely avoid using complete English word patterns:Dog.[email protected][email protected]@ts-and-Dogs-Living-together
By injecting numbers and special characters instead of letters, these passwords take exponentially longer for a dictionary program to guess.