How to Create a Secure Password

Written by Formstack on October 7, 2010

Posted in Form Hacks, IT + Security

After a couple years of running tech support here at Formstack, I’ve noticed that very few of our customers employ secure passwords.  Recently, we increased our standards for both Formstack login passwords and data encryption passwords, forcing users to use more characters and a mix of letters, numbers and non-alphabetic characters for encryption passwords.  Since then, I’ve spoken with several users who have never had to create a secure password before and have no idea how to do so, so I decided to create this short guide.

Create Your Secure Password

– Should be at least 8 characters long, but the longer the better.
– Should use both upper and lower case letters (passwords are case sensitive)
– Should contain numbers
– Should use at least one non-alphabetic character, such as ! @ # $ % * ( ) – + = , < > : “ ‘ .
– Does not use any personal information (names of pets or children, birth date, social security number, phone number, address, places, etc.)

If you need help creating a secure password, you can use a password generator, such as this one.

Remembering Your Passwords

The problem with creating a secure password is that they’re hard to remember, right?  And you need a DIFFERENT password for every website you use.  Never use the same password twice.  Never write down your passwords for others to find.

So how do I remember all my secure passwords?  Honestly, I don’t.  I memorized one extremely secure password, and I use that password to open my Keepass password safe, where I store all my other passwords.  You can download Keepass here.  It’s definitely a life saver, as it’s a way to securely store your passwords so you don’t have to memorize them all.

So why can’t you just use your kid’s name or your phone number as your password?  Well, first, they’re extremely easy to guess.  Second, they’re easy to crack.  There are readily available tools on the web that can be used to try to login to your accounts, trying thousands of different passwords in seconds.  A short, dictionary word or name password can be cracked by an amateur in a few minutes.  Secure passwords created using the guidelines posted above would take years to crack using the same methods.

If you don’t like the idea of using Keepass and randomly generated passwords, you can try creating secure passwords that can still be remembered, using a passphrase method like the one mentioned here.    But if you value your online data and identity, you will use secure passwords.