How long should my passwords be?

Remember the days when your password for everything was your pet’s name – and if you wanted it to be extra secure, you added an exclamation mark to the end? Are you still using that method for choosing new passwords? If so, you’re at risk of having your logins for everything – from your favourite pizza chain to your bank account – compromised.

With so much of your life online, strong passwords are more important than ever. As a small business owner, they are essential to ensure your web services and servers remain secure.

What constitutes a strong password?

Media and tech website CNET recommends that you should use a minimum of eight characters – but while that represents 221 trillion combinations of upper case and lower case letters and digits, it can be guessed in a matter of hours by a hacker running an offline, brute-force attack.

On the other hand, a 12-character password would take hundreds of years to be cracked by the same method, and a 16-character password even longer than that. In other words, to be safe, aim for 12 or 16 letters and numbers. If you throw special characters into the mix, that’s even better.

Have my current passwords been stolen?

Yes, there’s a very good chance that some of them have. According to IT site Tech Republic, last year alone, 37 billion records were stolen in 3,932 data breaches. Thankfully, there’s an easy way to find out if you have a compromised password.

Type any email addresses or phone numbers you’ve employed as login usernames into the search bar at Have I Been Pwned, and it’ll list all the services where you’ve used those logins that have experienced a data breach. If you haven’t changed your passwords recently for any of the listed sites, it’s a good idea to do it now.

How do I choose and remember all these passwords?

One reason so many people have short, simple or duplicated passwords is that they’re easy to remember. Software company LogMeIn estimates that once you account for all of your social media, banking, streaming and retail apps, you could easily have 85 passwords or more. It’s no wonder people get lazy with their password admin!

While most browsers (like Google Chrome and Firefox) will remember your passwords for you, they could be hacked if someone takes control of your computer – likewise, if you store your password list in something like a Word document.

The easiest solution is to use a specialist password manager app like LastPass, Dashlane, or 1Password. It’s a secure way to generate, store, and auto-fill complex passwords for all your online services. Then you only need to remember one master password to log into your password manager.

If you’re a Moreweb email customer, you can use the password generator in your control panel under PRODUCTS > EMAIL > MANAGE to create or update your email account password. Just click the GENERATE button.

In summary, whenever you need to create a new password (or update an old one), make sure that it fits the following criteria:

  • A minimum of 12 – 16 characters long
  • A combination of upper and lower case letters, numbers, and special characters
  • Unique and not used for any other login
  • Not a dictionary word
  • Free of any personal information
  • Stored securely in a password manager app
  • Protected by two-factor authentication, if it’s available

This post answers the questions: #How long should password be #Password best practice #strong passwords examples #best practice for secure passwords

Leave a Reply