Passwords are your first line of defense against online predators. “A password is rather like a key that opens a door,” Matt Bishop, professor of computer science at the University of California at Davis, said. “If you pick a poor password, then anyone can get access to your accounts.”
To be strong, it should be long, complex and use symbols, letters, and numbers. That can make a password tough to remember, though a few tricks can make it easier.
Here’s a guide to help. And make sure to check our report "Your Secrets Aren't Safe" to find out about the most current Internet threats.
Just plain lazy
Analysis: According to SplashData, which makes password-management tools, the word “password” was unseated last year as the most widely used password online by the equally insecure “123456.” Numbers in sequence are easy to crack, but also, just about any ordinary word is subject to a “dictionary” attack, wherein hackers use software to try almost every known word.
Far too personal
Analysis: Combining your name and birth year is easy pickings for someone who can do a minimal amount of research on you. Ditto for the names of kids and pets. Using an uppercase letter as the first character makes a password more vulnerable because hackers know that’s very common.
Complex … maybe too complex
Analysis: This one is tough to crack. It means absolutely nothing but has at least eight characters and a mix of punctuation, numbers, and uppercase and lowercase letters. But it’s almost impossible to remember one for each account you own.
Memorable yet almost impenetrable
Analysis: This one pads your password— a real phrase spelled with symbols—with easily remembered punctuation and a number. It’s easy to vary from one site to another. Now go create a few of these for your own accounts. (But don’t reuse ours!)
Get more tips on online safety with our guide to Internet security.
Consumer Reports has no relationship with any advertisers or sponsors on this website. Copyright © 2006-2014 Consumers Union of U.S.