A-Z Popular Blog Security Search »
Information Security
Simplicable Guide
A-Z
Search
Popular
Sitemap
Advertisements
Related Guides
Information Security
Key Concepts
Information Security
Related Topics
top   »  computing   »  defensive computing   »  strong password

15 Rules for Strong Passwords

 , November 22, 2016
A strong password is a password that is difficult for a machine or person to guess. This includes resistance to brute-force attacks that involve a large number of intelligent guesses using algorithms or artificial intelligence. The following are types of things that tend to make a password stronger.

Length

Generally speaking, long passwords are stronger than short ones. Certainly anything shorter than 14 characters is weak.

Personal Information

Passwords that include personal information such as your name, birthday, school name or favorite sports team are weak.

Dictionary Words

Dictionary words such as "mydogiscute" are easier to guess than sequences of characters that aren't in the dictionary.

Well Known Patterns

Patterns of numbers or characters that are well known such as "911" are weak.

Dates

Dates are weak. For example, 1/1/1970 is weak.

Repetition

Repeated characters are easier to guess than non-repeated. For example, "1111111" is a terribly weak password.

Reused Passwords

Avoid reusing passwords as it is common for password data to be leaked. A unique password for each logon is stronger than reusing the same password.

User Ids

Using any user id such as an employee number as a password is always weak.

Keyboard Patterns

Keyboard patterns such as "asdf" are weak.

Common Obfuscation

Commonly used attempts to obfuscate a password such as "p@ssw0rd" are weak.

Doubled Words

Passwords that contain the same pattern twice are weak. For example, "catcat1" is weak.

Vowels

Algorithms will use any advantage they can find in guessing a password. Vowels are used more commonly in English and in passwords. As such, they may be guessed more often.

One

The digit 1 shows up in passwords more than other numbers and may often be guessed by brute-force techniques.

Random

Random patterns or reasonable simulations of randomness tend to be strong. For example, "7Fi^u&.2kFioPx6s3iZi8tmbdq0-!jlxJfE" is reasonably strong.

Character Variety

Using a variety of character types such as upper case, lower case, numbers and symbols helps to strengthen a password.
Overview: Strong Password
TypeDefensive Computing
Information Security
DefinitionA password that is difficult for a human or a machine to guess.
Related ConceptsInformation Security
Defensive Computing
Pseudorandom
Defense in Depth
Password Paradox

Information Security

This is the complete list of articles we have written about information security.
Audit Trail
Canary Trap
Critical Infrastructure
Cryptographic Keys
Cryptographic Salt
Cryptography
Data Breach
Data Remanence
Data Security
Deep Magic
Defense In Depth
Defensive Computing
Degaussing
Digital Identity
Failure Of Imagination
Geofencing
Hardening
Honeypot
IoT Security
Key Stretching
Network Security
Non-repudiation
Nonce
Operations Security
Overlay Network
Password Fatigue
Proof Of Work
Sandbox
Security Controls
More ...
If you enjoyed this page, please consider bookmarking Simplicable.
 
Cite »

Security vs Privacy

The relationship between security and privacy.

Hardening

An overview of technology hardening.

Deep Magic

An overview of deep magic, a technology term.

Defense In Depth

An overview of defense In depth.

Encryption Examples

A definition of encryption with examples.

Canary Trap

A definition of canary trap with an example.

Honeypot

A definition of honeypot with examples.

Security Through Obscurity

A definition of security through obscurity with an example.

Tokens

A definition of token with examples.

Backdoor

A definition of backdoor with examples.

Privacy By Design

An overview of privacy by design.

Personally Identifiable Information

An overview of personally identifiable information.

Delete vs Wipe

The difference between deleting data and wiping it.

Data Risks Examples

A definition of data risk with examples.

Personal Information

A definition of personal information with examples.

Data Subject

A definition of data subject with examples.

Machine Readable

The definition of machine readable with examples.

Delete

The definition of delete with examples.

Privacy Examples

The definition of privacy with examples.

Trending

The most popular articles on Simplicable in the past day.

New Articles

Recent posts or updates on Simplicable.
Site Map
Benchmarking
Business Analysis
Coding
Communication
Compliance
Networking
Computing
Creativity
Cryptography
Data
Design
Design Thinking
Governance
Information Security
Information Technology
Infrastructure
Knowledge Management
Management
Metrics
Organizational Culture
Problem Solving
Productivity
Project Management
More ...
© 2010-2023 Simplicable. All Rights Reserved. Reproduction of materials found on this site, in any form, without explicit permission is prohibited.

View credits & copyrights or citation information for this page.

About     Privacy Policy     Cookies Terms of Use     Contact Us


Cookies help us deliver our services. You have choices regarding these cookies. Please visit our privacy policy, cookie policy and consent tool to learn more.


Copyright 2002-2023 Simplicable. All rights reserved. This material may not be published, broadcast, rewritten, redistributed or translated. Report violations here.