We wrote a while ago how to fix and prevent a hijacked email account and recommended using a strong password – an easy to guess password like 123456 leaves an email account wide open to attack. However, other online accounts like Twitter and Facebook etc can also be hacked if you use a weak password.
A Strong Password is long (minimum 10 characters) and has a mix of upper/lower case letters, punctuation, symbols, and numbers. The greater the variety of characters in your password, the better – use the entire keyboard, not just the letters and characters you use most often.
Test Your Passwords – An easy way to test your passwords is to use the Passwordmeter website to check how strong they are – just type in a password and, as you type, the application tests its strength and provides instant visual feedback.
For important passwords like online banking, email, Facebook etc you should aim for a ‘Score’ that is Green and 100%. The ‘Complexity’ should be ‘Very Strong’ and (for maximum security) all 7 ‘Additions’ fields should have a blue star and all 9 ‘Deductions’ fields should have a green tick.
The fields change as you type, giving a great visual clue as to when you have reached your goal of a very strong password – in the example below we used a password of 1d*6L^PmTq which passed with flying colors:
Give it a try – and if you have an existing password that scores poorly, use the test to check for a new stronger password so you can change it.
Saving Your Passwords
Strong passwords like 1d*6L^PmTq are obviously very difficult to remember – which is probably why so many people use weak ones…
The easiest way to work with strong passwords is to use a password manager which can remember them and automatically fill them in for you when you login to a website – for an example see our review of the secure password manager LastPass.
We highly recommend a password manager like LastPass or Roboform if you use Google Chrome or IE because neither browser offers a master password to protect your saved passwords.
Firefox does have a master password option – but do remember to use it.