Password Strength Checker
How Secure Is My Password?
Share on Social Media:
How To Create Secure Passwords
The best practices for creating secure passwords are:
- A password should be 16 characters or more; our password-related research has found that 45 percent of Americans use passwords of eight characters or less, which are not as secure as longer passwords.
- A password should include a combination of letters, numbers, and characters.
- A password shouldn’t be shared with any other account.
- A password shouldn’t include any of the user’s personal information like their address or phone number. It’s also best not to include any information that can be accessed on social media like kids’ or pets’ names.
- A password shouldn’t contain any consecutive letters or numbers.
- A password shouldn’t be the word “password” or the same letter or number repeated.
Why Is Password Security Important?
Not having secure passwords has its consequences, which include but are not limited to:
- After gaining access to a user’s credentials, many hackers will log into their accounts to steal more of their personally identifiable information (PII) like their names, addresses, and bank account information. They will use this information either to steal money from the user directly or to steal their identity. Identity theft can result in further financial losses or difficulty getting loans or employment.
- Lack of privacy
- For businesses, hackers can start disinformation campaigns against companies, sharing their data with competitors and storing it for a ransom1.
The Impact of Stolen Passwords
Compromised passwords caused 80 percent of all data breaches in 2019, resulting in financial losses for both businesses and consumers.
Other Ways To Protect Yourself Online
Aside from creating secure and unique passwords for all web accounts, there are other best practices to increase one’s digital security.
- Use a VPN: While passwords keep unauthorized users out of accounts, Internet Service Providers can still track a user’s online activity as well as their devices’ private IP addresses. The only way to hide web activity and IP addresses is to connect not directly to a public Wi-Fi network, but instead to a VPN, which stands for Virtual Private Network. Learn more about finding the best VPN, all tested by our digital security experts.
- Get identity theft protection: While a strong password can go a long way in protecting online accounts, there’s no single action that can protect a user’s personally identifiable information from identity theft. Rather, top identity theft protection software monitors key criminal and financial areas for users’ personal information.
- Install a home security system: Users can protect their homes and families by using the best home security system. See how we tested these top systems by reading our ADT Review, our SimpliSafe Review and finally our Vivint Review.
- Use antivirus software: Antivirus software scans computers, phones, and tablets for malware, viruses, ransomware, spyware, and other cyber threats.
- Use a password manager: Password managers store users’ usernames and passwords in encrypted vaults, requiring only master passwords or biometrics to log into accounts.
- Only change passwords when needed: It’s a myth that users should change their passwords in regular intervals. Rather, it’s only necessary to change passwords if the account itself is compromised, according to recent reports.
How Our Tool Works: Methodology
Our “how secure is your password” tool above checks users’ passwords against a database of common weak passwords. It evaluates each password based on key factors such as:
- Number of characters: The password should have at least eight to 10 passwords, but 16 to 20 characters is ideal.
- Combinations: The password should include a combination of letters, numbers, and symbols rather than a phrase. Each character has an associated numerical value, and these characters are summed to create a grand total.
- Uniqueness: The password shouldn’t be repetitive in terms of its characters, with unique combinations instead.
Using these factors, the tool scores each password and converts this score into the amount of time it would take a computer to crack this password. For example, the password “f0JB^B5sjmXl” would take a computer 34,000 years to crack.