Why it’s important to use unique and strong passwords

Most passwords are vulnerable because they are simple, comprised of your accessible personal information, and reused on multiple websites. Cybercriminals are aware of these tendencies and can use them to gain control of your accounts.

Your dog is really cute, but if his or her name is all over your social media posts, it might not be the best idea for that name to be part of your password! The names of your siblings, children, street, employer, favorite sports team, and numbers associated with birthdays, addresses, and phone numbers are other common elements to have in a password that aren't hard for a cybercriminal to find out about you.

Yes, we know it's annoying when websites don't let you register a password if it's too “weak”, but it's for good reason! Cybercriminals have access to powerful computers that are remarkably fast at cycling through possible password combinations. Most websites have anti-fraud measures that prevent cybercriminals from accessing accounts this way, but you can never be too safe.

A 6 character password made up of only lower case letters only has 26^6 (308,915,776) combinations. A computer could cycle through those options in less than a second! And that’s assuming that the cybercriminal doesn’t already have a guess that your cute dog’s name isn’t part of those 6 characters! If you bump that up to 8 characters and include capital letters and numbers, the count of combinations goes up to over 218 trillion (218,000,000,000,000) combinations. That’s still child’s play for a computer though! It would only take about an hour for that password to be cracked. If you expand to 12 characters and also include special characters (like #, @, and *), the possibilities increase to over 475 sextillion (475,000,000,000,000,000,000,000 - gasp!). This would take a computer tens of thousands of years to crack. All of those extra zeroes add up to lots of extra protection!

If a cybercriminal gets their hands on your login credentials, they will commonly try using the same credentials on a laundry list of other websites using automated software with the hope that you use reuse them (65% of people do!). Since any password is capable of being compromised at any time, it’s safest to avoid reusing passwords to keep your other accounts safe - just like how a bank wouldn’t use the same vault combination at all of their branch locations!

In a perfect world, you would be able to memorize a long, random, and unique password for every one of your accounts. Unfortunately, that’s not a reality. The next best thing, according to most cyber security experts and The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, is a password manager.  

Password managers are great and helping you to randomly generate long and complex passwords and make it easy to have a unique one for every website. Password managers store your passwords behind powerful end-to-end encryption that not even they can access. The only key to the encryption is your master password, which you now know how to make very strong! We recommend 1Password. You can read more about how it works here.