Date: 2023-12-23

Passwords are our first line of defense against cyberattacks that can expose our personal and financial information to crooks, hackers, thieves, snoops, catfish creeps and criminals.

If you choose weak or predictable passwords, you're just asking for trouble and risk losing your privacy and security to these bad people who can cause you serious damage.

What are some passwords I should avoid?

NordPass is out with its annual list of the 200 most common passwords, and as you might have guessed, there are some repeat offenders on the list. Some of the highest-ranking, yet weakest, passwords include:

123456

admin

12345678

123456789

1234

12345

password

123

Aa123456

1234567890

111111

P@ssw0rd

abc123

Password1

test

guest

Welcome@123

These passwords are very easy to guess and can be hacked by cybercriminals in a matter of seconds. If you're using the passwords above, it's time to change them ASAP.

How do I come up with a good password?

There are some basic rules for creating a good password that will be difficult for hackers to crack. Following these guidelines might help you narrow down what you should and should not use.

Make sure your password has a minimum of 12 characters

The longer the password and the more characters that a hacker has to try, the better. Some sites will require you to make your password a certain number of characters anyway, but having at least 12-14 characters or more is usually a safe bet.

Include numbers, symbols, capital and lowercase letters

Again, the more variety you have, the better. Be sure to include numbers and symbols and capital and lowercase letters. Make everything as random as possible to keep the hackers out. For example, a password like 'd%A$r(T496' would be much more difficult to crack than 'dart496.'

Avoid dictionary words

Any word on its own is not good to use for a password. It's too easy for a hacker to take one lucky guess from a common dictionary, like "cat" or "apple." Even a combination of dictionary words like "blue car" is too simple a password.

Don't use substitutions

Replacing letters with common symbols can also lead to bad news. For example, if you want to use the word "smart" but instead write it as "$mart," it's too obvious because the $ symbol and the letter S look too similar.
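
The four rules above can be checked mechanically. The following is an added example, not code from this article or from NordPass: the `WORDS` set is a constructed stand-in for a real dictionary file, and the substitution table and the function name `check_password` are assumptions made for illustration.

```python
import re

# Weak passwords quoted on this page (from the NordPass list cited above).
COMMON = {"123456", "admin", "12345678", "123456789", "1234", "12345",
          "password", "123", "aa123456", "1234567890", "111111",
          "p@ssw0rd", "abc123", "password1", "test", "guest", "welcome@123"}

# Constructed stand-in for a real dictionary file (assumption).
WORDS = {"cat", "apple", "blue", "car", "smart", "dart", "password", "welcome"}

# Common look-alike substitutions (assumed table), undone before the
# dictionary check so "$mart" is compared as "smart".
UNLEET = str.maketrans({"$": "s", "@": "a", "0": "o", "1": "l",
                        "3": "e", "!": "i", "5": "s"})

# The four character classes the article asks for.
CLASSES = [r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]"]


def check_password(pw: str) -> list[str]:
    """Return the names of the article's rules that `pw` breaks."""
    problems = []
    if pw.lower() in COMMON:
        problems.append("common")       # on the most-common list
    if len(pw) < 12:
        problems.append("short")        # under the 12-character minimum
    if not all(re.search(c, pw) for c in CLASSES):
        problems.append("variety")      # missing a character class
    # Undo substitutions, then split on anything that is not a letter:
    # "$mart" -> ["smart"], "blue car" -> ["blue", "car"].
    plain = pw.lower().translate(UNLEET)
    tokens = [t for t in re.split(r"[^a-z]+", plain) if t]
    if tokens and all(t in WORDS for t in tokens):
        problems.append("dictionary")   # only dictionary words remain
    return problems


if __name__ == "__main__":
    for sample in ["123456", "P@ssw0rd", "$mart", "blue car",
                   "d%A$r(T496", "vT7#qLm2!xRw9Zp"]:
        print(f"{sample!r}: {check_password(sample) or 'passes all four rules'}")
```

Run against the article's own examples, "P@ssw0rd" passes the variety rule yet is still caught by the common-list and dictionary checks, and 'd%A$r(T496' is flagged only as short because it is 10 characters long.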

Try to use a passkey instead of a password

Whenever possible, opt for passkeys instead of passwords. Passkeys are unique codes tethered to your device, which makes them a lot more secure and less susceptible to breaches. More companies like Apple, Google, Amazon and Microsoft are adopting passkey support as a safer alternative.

How can I keep my passwords safe?

Aside from the simpler password guidelines listed above, two other ways to keep your passwords safe are by using different passwords for different accounts and by avoiding writing down your passwords anywhere.

However, keeping track of all those letter and number combinations can be pretty difficult, especially considering that most tasks are completed online and we're required to have many accounts.

We recommend using a password manager

That's why we recommend using a password manager. Password managers are apps that allow you to create, store, fill and manage passwords for every task that you complete online, from online banking to shopping to medical records. Many password managers also include login encryption, making it more difficult for anyone (including the password manager company) to guess your password.

What qualities should I look for in a password manager?

When it comes to choosing the best password manager for you, here are some of my top tips.

Deploys secure

Works seamlessly across all of your devices

Creates unique complicated passwords that are different for every account

Automatically populates login and password fields for apps and sites you revisit

Has a browser extension for all browsers you use to automatically insert passwords for you

Allows a fail-safe in case the primary password is ever lost or forgotten

Checks that your existing passwords remain safe and alerts you if ever compromised

Uses two-factor authentication security

Get more details about my best expert-reviewed password managers of 2023 here.

Kurt's key takeaways

Passwords are more than just a way to log in to your online accounts. They are the first line of defense against cyberattacks that can expose your personal and financial information to malicious actors. Choosing weak or predictable passwords can put you at risk of losing your privacy and security. That’s why it’s important to follow some basic rules to create strong and unique passwords for every account you have. We recommend taking the time to review existing passwords and update ones that are weak or repeated.

However, remembering and managing all those passwords can be challenging and time-consuming. That’s why we recommend using a password manager, which can help you create, store, fill and manage your passwords securely and conveniently. With a password manager, you can enjoy the benefits of online services without compromising your safety.

