
AwareGO’s 3-Step Guide to A Strong Password

Ásta Guðrún Helgadóttir
5 min read ∙ Apr 26, 2021

Passwords – we all use them, we all need them, but we don’t talk too much about them. Nor should we, ideally! However, we need to talk about good password habits. A strong password is a key to our online world, and if compromised, hacked, or stolen, it can be trouble. This is why we’ve created this easy guide to strong passwords.

Although keeping good password hygiene in cyberspace can sound daunting, some simple practices can go a long way in keeping your accounts safe. We are all familiar with the three simple steps towards a greener world: reuse, reduce and recycle. But those three Rs are the exact opposite for creating a strong password.


1. A Strong Password Is Never Reduced

A long password is a strong password. One method of trying to access accounts is simply by guessing. The longer the password is, the more difficult it is to guess. That’s why a password such as “1234” is easier to guess than a long password, such as “supercalafragalisticexpialadoshus”.

Most reputable services require a password of a certain length and involving special characters such as numbers and symbols. That makes it more difficult for an adversary to guess your password. As much as it is tempting to use something simple like “Password1234” or “Apple123”, they are not strong passwords.

A dictionary hack is when a small script tries out every word in the dictionary to guess your password.

Guessing a password can also be automated with a small script: a simple computer program goes through a dictionary and tries out every word, combined with common endings such as 123. That means your account is not safe even if you learn how to spell “Supercalafragalisticexpialadoshus1234”! It’s akin to trying every combination on that bike lock that you’ve long forgotten.

A long password with a combination of letters, numbers and symbols is a strong password. So, instead of “Supercalafragalisticexpialadoshus123”, which is easy to crack, try to guess “5upeRca74fra&ali$T1cexpia7ad0shu$”!

2. A Strong Password Is Never Reused

Reusing a password is one of the seven deadly sins of good password habits. But when you’ve finally memorized the ups and downs and letters of your super-secure password, “5upeRca74fra&ali$T1cexpia7ad0shu$”, it is very tempting to just, you know… use it again.

Because data breaches happen, a password that is leaked from one service can then be tried against your other services. If you have reused it, a clever hacker could access everything you’re doing online: from a hostile takeover of your social media account to emptying your bank accounts.

Passphrases are combinations of random words that are rarely seen together.

To remember those strong and secure passwords, you can create passphrases. A passphrase is a combination of random words that are rarely seen together. “AppleWiltingArmsRosesExpectationsG0” is an example of a passphrase. Throw some strategically selected symbols in there, and hackers will have a hard time guessing your password: “AppleWiltingArm5RosesExpectation$G0”.

3. A Strong Password Is Never Recycled

Recycling may be good for paper but is bad for passwords. When you’ve finally remembered “AppleWiltingArm5RosesExpectation$” and you need to change it because of your company’s password policy, it may be tempting to just change it a bit: first to “AppleWiltingArm6RosesExpectation$G0” and then to “AppleWiltingArm7RosesExpectation$G0”. A clever hacker could easily guess your recycling method.
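Both guessable patterns described in this guide, a dictionary word with a common ending (step 1) and a recycled password that changes by a character or two (step 3), can be rejected when a password is changed. The following is an added example, not AwareGO's code; the tiny word list, the 12-character minimum and the 8-edit similarity threshold are assumptions chosen for illustration.

```python
import re

# Constructed sample data: a real check would load a full dictionary
# and a breached-password list instead of these three entries.
DICTIONARY = {"password", "apple", "supercalafragalisticexpialadoshus"}
# Common endings: up to four trailing digits (123, 1234) or punctuation (!).
COMMON_ENDINGS = re.compile(r"(\d{1,4}|[!?.]+)$")


def is_word_plus_ending(candidate: str) -> bool:
    """True if candidate is a dictionary word, optionally with a common ending."""
    lowered = candidate.lower()
    stem = COMMON_ENDINGS.sub("", lowered)
    return lowered in DICTIONARY or stem in DICTIONARY


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_recycled(old: str, new: str, min_changes: int = 8) -> bool:
    """True if new is fewer than min_changes edits from old (case ignored)."""
    return edit_distance(old.lower(), new.lower()) < min_changes


def check_new_password(old: str, new: str, min_length: int = 12) -> list[str]:
    """Return the reasons to reject new; an empty list means it passes."""
    problems = []
    if len(new) < min_length:
        problems.append("too short")
    if is_word_plus_ending(new):
        problems.append("dictionary word with a common ending")
    if is_recycled(old, new):
        problems.append("too similar to the previous password")
    return problems
```

The similarity check needs the old password in plain text, which is only available at the moment the user types it in to authorize the change; it is not a reason to store passwords unhashed.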

Similarly, don’t recycle your passwords by using the same password for your WiFi router and your email account, as an example. Sometimes one password needs to be used by many, like the one for accessing your home WiFi, but there is no need to recycle your private passwords for it. Just as you wouldn’t want to use someone else’s used masks, not even your partner’s, some things are just not meant for recycling.

Keeping Passwords Safe

So, how does one keep track of all those super strong passwords? You can’t use them again, you can’t recycle them, and you can’t keep them short and simple.

A password manager is like your own private butler who remembers all your strong passwords for you.

The answer is simple: Password managers. A password manager can help you create a strong password and then store it securely. You only need to remember one strong password for your password manager, and the password manager will do the rest: generate strong passwords, remember which password goes where, and keep your accounts as safe as possible from hacking!

Security Awareness Training For Password Handling

AwareGO provides training materials on all matters related to cybersecurity. We have curated ready-made programs for multiple subjects, including strong passwords.
