When it comes to cyber safety, it’s better to be safe than sorry. Keep reading to learn why it's vital to make strong passwords and how to create them.
Why does password security matter?
Strong and secure passwords protect your most important personal information from cybercriminals.
Cybercriminals are people who commit crimes online. If a cybercriminal figures out your password, they could gain access to your online accounts and your private information. This is called 'hacking'. The information they could steal may include your:
- personal details
- bank details
- online records
- private documents
- online communications
- social media accounts
- any other information you've shared online.
As you can imagine, the damage caused can impact many parts of your life and take years to fix.
Unfortunately, cybercriminals are getting smarter at figuring out our passwords.
How do I create strong passwords?
The good news is that there are simple things you can do to create strong passwords that protect your accounts and are challenging for cybercriminals to hack.
Aim to make your passwords long, unique and random. Learn how to below:
Use passphrases
Long passwords are harder for cybercriminals to crack than short, difficult-looking passwords, like ‘k$d9H!*’
We recommend making ‘passphrases’.
A passphrase is a type of password made up of 4 or more random words. They’re tricky for cybercriminals to crack, but easy for you to remember.
Longer, uncommon words with two or more syllables are best to use. So instead of using a very common one syllable word with only a few letters (like ‘cat’), choose a word with many letters and multiple syllables (like ‘magician’).
For example:
- ‘glowering armour permanently jackets’
- ‘umbrella spherical thunder lightbulb’
- ‘magazine bottle alligators escalator’
Top tip
If a website or service requires a complex password including symbols, capital letters or numbers, you can include these in your passphrase. Your passphrase should still be long, unpredictable and unique for the best security.
For example, ‘glowering armour permanently jacketsS @$73’
Create a new password for each account
One of the easiest ways to stay safe online is to create a different password or passphrase for each of your accounts.
Why? If one of your accounts is breached and your accounts share the same password, the cybercriminal could gain access to any other accounts that use that password.
Make your passwords tricky to guess
The best passwords aren’t predictable in any way. Keep cybercriminals guessing by avoiding passwords with:
- Personal information. Don’t use any personal information that you’ve shared online. For example, your name, date of birth, your pet’s name and your address.
- Predictable sentences. Easy-to-guess sentences, like song lyrics, can be quickly cracked by the machines cybercriminals use.
- Predictable substitutions. If you need to include a mix of letters, numbers and symbols in your password, don’t use common substitutions. For example, don’t spell out ‘soap’ like ‘$0@p’.
- Common references. Cybercriminals often use large databases of popular words to crack passwords. To keep yours secure, avoid using common references such as names of bands, actors, singers, songs or TV shows.
More password security tips
Check the strength of passwords
Try Service Victoria’s password strength tester to test a password’s strength. If your password isn’t strong enough, you’ll see some handy tips on how to improve it.
You’ll also find a password generator to help you create strong passwords that keep your accounts secure.
Use a password manager
Even the strongest password won’t help to protect your data if it finds its way into the wrong hands.
Don’t store your passwords anywhere someone could find them or share them with anyone else.
If you’re finding it difficult to keep track of them, use a password manager. A password manager is a program that keeps your passwords safe and easy to access. Password managers encrypt all of your data. This makes it almost impossible for hackers to access them.
The great thing about password managers is that you only need to remember one ‘master password’ to access your passwords.
There are many free and paid options to choose from. Online reviews can help you pick one from a reputable vendor. Do your research and consult with an expert before picking one.
Update your passwords when necessary
Change your password immediately if you suspect your password has been hacked.
Doing this as quickly as possible could prevent you from losing your digital identity, data and money.
Enable MFA to add another layer of defence
Multi-factor authentication (MFA) is when you use 2 or more different types of actions to verify your online identity. Some online services might call it two-factor authentication (2FA), two-step authentication, two-step verification or use a term like ‘security key’.
Experts recommend using MFA to add an extra layer of protection when logging in to your online accounts.
For example, to log in you could enter your password and a unique code sent to your email.
Updated