The ultimate guide to creating and storing secure passwords

Your passwords are the keys to your digital estate, which is more crucial than ever to protect.

Just consider the December 2020 SolarWinds cyberattack that exposed among other vulnerabilities, the easily guessable password “solarwinds123”, which hackers used to hide malicious code in software updates that SolarWinds then pushed to some 18,000 customers, including numerous federal agencies.

This breach, as well as many others like it, underscores the unwavering importance of creating and securing strong passwords. It doesn’t have to be a complicated process. Here are some best practices for creating safe passwords in 2024.   

Why is creating a safe password important?

A secure password can protect you and your sensitive data.

A good password can:  

• Protect your bank accounts and financial data from being infiltrated and stolen
• Save you from identity theft by hackers
• Make it harder for malicious actors to learn your password through automated or manual guesses
• Safeguard your social media accounts
• Maintain the safety and confidentiality of business information
• Ensure compliance with data protection regulations 
• Limit damage to just one account if cyberattackers obtain your password

5 Password creation best practices for 2024 

1. Randomise your passwords

Passwords can be hard to remember (just listen to this comedian) so it can be tempting to use familiar information or regular password formats when creating a password. However, such information is often easily guessable. To create a safe password, it’s important to use random details that are hard to deduce. 

Steer clear of common and easily decipherable patterns such as sequential numbers or letters. Avoid using your birthday, name, address or any other easily accessible personal information.        

2. Prioritise uniqueness

It’s said that using the same password for every site is like using the same key for your house, car and office. Such a practice makes your online accounts susceptible to credential stuffing—a common cyberattack strategy in which hackers get your password to one site and use that credential on countless other sites in hopes you reused the password. 

Be sure to use different passwords for different websites and accounts. If one is breached, the other accounts will be safe since they don’t share the same password. Consider customising each password to the specific site it’s being used for; this will ensure that your passwords are unique.   

3. Keep passwords long and complex

When it comes to password creation, “keep it short and sweet” is bad advice. Make passwords long in length and give them character variety. At Award Force, we recommend creating 12-character passwords containing a mix of uppercase and lowercase letters, numbers and symbols.

With each additional character, a password becomes tougher to guess and crack because the number of possible combinations increases. Since this can make it harder for brute-force attackers to try every single combination, a password of 12 characters proves much safer than a shorter one. 

A complex password that includes upper and lower case letters, numbers and special characters doesn’t follow predictable patterns. This also makes it harder for automated tools to guess.       

4. Try using a passphrase 

Another best practice for creating strong passwords is using a passphrase. A passphrase is a word sequence or a full sentence, with the necessary complexity, used as a password. The passphrase typically has a meaningful structure that makes it easier to remember.

To effectively create a strong password using a passphrase, consider using at least 4 words to form a sentence or phrase that means something to you. This will paint a picture in your mind, making the passphrase memorable. 

Remember to follow other rules relating to randomness and complexity.     

5. Leverage a password generator

You can use a password generator to create safe passwords. A password generator is a software application, browser extension or online service that creates passwords using algorithms and specific instructions. You can provide instructions regarding the password length, character types and patterns. 

Generally, password generators follow the best practices by creating unique, random and complex passwords. They do the heavy lifting for you, saving the time and effort that comes with manually creating passwords. Additionally, they integrate seamlessly with password managers, making it easy to save and use the passwords at will.

6. Store your passwords securely

Storing your passwords securely is an indispensable password management practice and helps ensure the integrity of the password. 

To securely store your passwords, consider using a password manager—a tool that stores and manages your passwords in an encrypted format. Password managers serve as a central storehouse for all your passwords, making them inaccessible without the master password. This reduces the risk of losing or forgetting passwords.

Password managers typically have an autofill functionality to help you immediately enter passwords. Some popular password managers are 1Password, LastPass and Bitwarden. 

It’s also important to enable two-factor authentication (2FA). This adds an additional layer of security by requiring a second form of verification. It’s important to avoid manually writing your passwords down or storing them in plain text; it makes them easily readable to anyone who gains access.

Creating a safe password in 2024 is a necessity, not a convenience. These tips will help you ensure your passwords are safe from malicious actors. At Award Force, we’re big on security; explore the different steps we take to protect you.