Why do we need good passwords?

Secure passwords are the cornerstone of online security. Failing to secure your passwords can give malicious hackers the opportunity to break into your accounts, steal data, expose private information, and generally cause mayhem. Having a long, strong, and random password can go a long way toward securing your life online.

US CERT [1] says, “Passwords are a common form of authentication and are often the only barrier between you and your personal information. There are several programs attackers can use to help guess or crack passwords. By choosing good passwords and keeping them confidential, you can make it more difficult for an unauthorized person to access your information.”

What makes a good password?

There are a number of factors that make for a good password, and this list attempts to summarize those factors. You can read a more in-depth summary below the list.


  1. Do use long passwords - preferably 6 characters or longer
  2. Do use strong passwords - a combination of upper and lowercase letters, numbers, and symbols
  3. Do use a password manager - there are a number of good options in the market.


  1. Don’t use the same password for multiple accounts
  2. Don’t share your password with other people. Not even the Netflix password.
  3. Don’t use passwords that include common words, or alpha-numeric swaps like P@$$w0rd. The problem is that hackers have already figured out these swaps and will try them immediately.
  4. Don’t use personal information like your birthday, your relatives’ names, or other information such as your birthplace. Most information like this can be found online.

1. Use strong passwords

First, let’s look at what having a strong password means. Most importantly, your password should not contain common strings such as 1234 or [email protected]. Another key part of password security is having a long password. Try to have at least 6 characters in your passwords.

2. Use different passwords

Now, let’s take a look at how to manage a different password for each website.

Steve Gibson [2], a well-known security expert, describes passwords by saying, “Every password you use can be thought of as a needle hiding in a haystack. After all searches of common passwords and dictionaries have failed, an attacker must resort to a “brute force” search – ultimately trying every possible combination of letters, numbers and then symbols until the combination you chose, is discovered.”
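The checklist above and the haystack idea can be combined into one small checker. The Python below is an added example, not code from this article or from the sources it cites; the word list, the substitution table, the sample passwords, and all function names are assumptions constructed for illustration. It undoes alpha-numeric swaps before the dictionary lookup, which is why a swapped common word is still flagged, and it counts how many candidates a brute-force search would have to cover.

```python
import string

# Constructed sample data (assumptions, not taken from the article).
COMMON_WORDS = ("password", "letmein", "qwerty", "welcome")
COMMON_STRINGS = ("1234", "abcd")
# Alpha-numeric swaps that guessing tools undo before a dictionary lookup.
UNSWAP = str.maketrans("@4$50!137", "aassoilet")
CLASSES = {
    "lowercase": string.ascii_lowercase,
    "uppercase": string.ascii_uppercase,
    "digit": string.digits,
    "symbol": string.punctuation,
}


def normalize(password):
    """Lower-case the password and reverse the common character swaps."""
    return password.lower().translate(UNSWAP)


def haystack_size(password):
    """Number of candidates of length 1..len(password) over the alphabet used."""
    alphabet = sum(len(chars) for chars in CLASSES.values()
                   if any(c in chars for c in password))
    return sum(alphabet ** n for n in range(1, len(password) + 1))


def check_password(password, personal=()):
    """Return the checklist rules the password breaks (empty list = none)."""
    problems = []
    if len(password) < 6:  # minimum length stated in the list above
        problems.append("too-short")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in password):
            problems.append("no-" + name)
    lowered = password.lower()
    if any(s in lowered for s in COMMON_STRINGS):
        problems.append("common-string")
    if any(w in normalize(password) for w in COMMON_WORDS):
        problems.append("common-word")  # caught even when letters are swapped
    if any(p.lower() in lowered for p in personal if p):
        problems.append("personal-info")
    return problems


if __name__ == "__main__":
    for pw in ("P@$$w0rd", "abc1234", "vT9#kq2!Lm^x"):
        print(pw, check_password(pw), haystack_size(pw))
```

The haystack number only matters once `check_password` returns an empty list: a password that contains a common word is found by the dictionary stage long before brute force starts.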

  1. US Cybersecurity and Infrastructure Security Agency, Security Tip (ST04-002): Choosing and Protecting Passwords, Original release date: May 21, 2009

  2. GRC Password Haystacks