A-Z Popular Blog Security Search »
Information Security
 Advertisements
Related Guides
Related Topics

15 Rules for Strong Passwords

 , updated on November 22, 2016
A strong password is a password that is difficult for a machine or person to guess. This includes resistance to brute-force attacks that involve a large number of intelligent guesses using algorithms or artificial intelligence. The following are types of things that tend to make a password stronger.

Length

Generally speaking, long passwords are stronger than short ones. Certainly anything shorter than 14 characters is weak.

Personal Information

Passwords that include personal information such as your name, birthday, school name or favorite sports team are weak.

Dictionary Words

Dictionary words such as "mydogiscute" are easier to guess than sequences of characters that aren't in the dictionary.

Well Known Patterns

Patterns of numbers or characters that are well known such as "911" are weak.

Dates

Dates are weak. For example, 1/1/1970 is weak.

Repetition

Repeated characters are easier to guess than non-repeated. For example, "1111111" is a terribly weak password.

Reused Passwords

Avoid reusing passwords as it is common for password data to be leaked. A unique password for each logon is stronger than reusing the same password.

User Ids

Using any user id such as an employee number as a password is always weak.

Keyboard Patterns

Keyboard patterns such as "asdf" are weak.

Common Obfuscation

Commonly used attempts to obfuscate a password such as "p@ssw0rd" are weak.

Doubled Words

Passwords that contain the same pattern twice are weak. For example, "catcat1" is weak.

Vowels

Algorithms will use any advantage they can find in guessing a password. Vowels are used more commonly in English and in passwords. As such, they may be guessed more often.

One

The digit 1 shows up in passwords more than other numbers and may often be guessed by brute-force techniques.

Random

Random patterns or reasonable simulations of randomness tend to be strong. For example, "7Fi^u&.2kFioPx6s3iZi8tmbdq0-!jlxJfE" is reasonably strong.

Character Variety

Using a variety of character types such as upper case, lower case, numbers and symbols helps to strengthen a password.
Overview: Strong Password
Type
Defensive Computing
Information Security
Definition
A password that is difficult for a human or a machine to guess.
Related Concepts

Information Security

This is the complete list of articles we have written about information security.
Audit Trail
Canary Trap
Confidential Information
Critical Infrastructure
Cryptographic Keys
Cryptographic Salt
Cryptography
Cybersecurity Risk
Data Breach
Data Remanence
Data Room
Data Security
Deep Magic
Defense In Depth
Degaussing
Digital Identity
Failure Of Imagination
Geofencing
Hardening
Honeypot
Incident Response
IoT Security
Key Stretching
Network Security
Non-repudiation
Nonce
Operations Security
Overlay Network
Password Entropy
Password Fatigue
Proof Of Work
Sandbox
Secure Code Review
Security As A Service
Security Controls
Zero-day
More ...
If you enjoyed this page, please consider bookmarking Simplicable.
 

Security vs Privacy

The relationship between security and privacy.

Hardening

An overview of technology hardening.

Deep Magic

An overview of deep magic, a technology term.

Defense In Depth

An overview of defense In depth.

Encryption Examples

A definition of encryption with examples.

Canary Trap

A definition of canary trap with an example.

Honeypot

A definition of honeypot with examples.

Security Through Obscurity

A definition of security through obscurity with an example.

Tokens

A definition of token with examples.

Backdoor

A definition of backdoor with examples.

Privacy By Design

An overview of privacy by design.

Expectation Of Privacy

The definition of expectation of privacy.

Personally Identifiable Information

An overview of personally identifiable information.

Delete vs Wipe

The difference between deleting data and wiping it.

Data Risks

A definition of data risk with examples.

Personal Information

A definition of personal information with examples.

Data Subject

A definition of data subject with examples.

Machine Readable

The definition of machine readable with examples.

Delete

The definition of delete with examples.

Privacy Examples

The definition of privacy with examples.
The most popular articles on Simplicable in the past day.

New Articles

Recent posts or updates on Simplicable.
Site Map