Top 5 ways to pick a secure password

By Eric Garrison

Picking a secure password is crucial to protecting sensitive information.
1. Never reuse passwords. Ever. If you use a password on a low security site, it could be used to access your banking if you reuse it elsewhere. Data breaches are very common. When your password is breached at a service, that service will usually make you change it. But the service where you re-used it doesn't know that, so you just made that password very insecure.

2. Choose a long and strong passphrase. Yes, it is possible to remember your password and make it secure. Don't choose dictionary words. Security researcher Bruce Schneier suggests taking a sentence like: "When I was seven, my sister threw my stuffed rabbit in the toilet." And using the first letters, numbers and punctuation to make "WIw7,mstmsritt."

3. Let a password manager do it for you. Password managers can be a single-point of failure, so be honest with yourself. Are your passwords more secure if you let a manager that is 2FA-protected pick really good ones for you? Or do you want to manage all that yourself? And is the way you manage it more secure than a password manager? Be honest-nobody else needs to know.

4. Don't update passwords regularly unless you're forced to. It used to be that it took 90 days to crack a password, so if you changed it every 90 days you could stay ahead. Now it takes just seconds, unless you've picked a strong one.

5. Skip the secret question. If that's not an option, answer it like you're making a second password. There's no point in having a really secure password only to have it backed up by a dictionary word in your secret question that's easily guessable.

The fact of the matter is that you should really turn on two-factor authentication and hope that a better method will make the password obsolete. But, until then, we hope these tips will help.